Vulnerabilities > CVE-2018-7738 - Unspecified vulnerability in Kernel Util-Linux
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command (within Bash) by a different user, as demonstrated by logging in as root and entering umount followed by a tab character for autocompletion.
Vulnerable Configurations
Nessus
NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2018-2_0-0037.NASL description An update of {'mercurial', 'python2', 'zsh', 'pycrypto', 'patch', 'binutils', 'paramiko', 'httpd', 'mysql', 'xerces-c', 'util-linux', 'net-snmp', 'python3', 'sqlite'} packages of Photon OS has been released. last seen 2019-02-21 modified 2019-02-07 plugin id 111297 published 2018-07-24 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=111297 title Photon OS 2.0 : Zsh / Python3 / Xerces / Mercurial / Pmd / Pycrypto / Net / Python2 / Util / Mysql / Paramiko / Binutils / Patch / Sqlite (PhotonOS-PHSA-2018-2.0-0037) (deprecated) code # # (C) Tenable Network Security, Inc. # # @DEPRECATED@ # # Disabled on 2/7/2019 # # The descriptive text and package checks in this plugin were # extracted from VMware Security Advisory PHSA-2018-2.0-0037. The text # itself is copyright (C) VMware, Inc. include("compat.inc"); if (description) { script_id(111297); script_version("1.3"); script_cvs_date("Date: 2019/04/05 23:25:07"); script_cve_id( "CVE-2017-12627", "CVE-2017-18207", "CVE-2018-1303", "CVE-2018-2573", "CVE-2018-2583", "CVE-2018-2612", "CVE-2018-2622", "CVE-2018-2640", "CVE-2018-2665", "CVE-2018-2668", "CVE-2018-2703", "CVE-2018-6594", "CVE-2018-6951", "CVE-2018-7208", "CVE-2018-7549", "CVE-2018-7643", "CVE-2018-7738", "CVE-2018-7750", "CVE-2018-8740", "CVE-2018-1000030", "CVE-2018-1000116", "CVE-2018-1000117", "CVE-2018-1000132" ); script_bugtraq_id( 102678, 102681, 102682, 102704, 102706, 102708, 102709, 102710, 103044, 103077, 103219, 103264, 103367, 103466, 103522, 103713, 104527 ); script_name(english:"Photon OS 2.0 : Zsh / Python3 / Xerces / Mercurial / Pmd / Pycrypto / Net / Python2 / Util / Mysql / Paramiko / Binutils / Patch / Sqlite (PhotonOS-PHSA-2018-2.0-0037) (deprecated)"); script_summary(english:"Checks the rpm output for the updated packages."); script_set_attribute(attribute:"synopsis", value: "This plugin has been deprecated."); script_set_attribute(attribute:"description", value: "An update of {'mercurial', 'python2', 'zsh', 'pycrypto', 'patch', 'binutils', 'paramiko', 'httpd', 'mysql', 'xerces-c', 'util-linux', 'net-snmp', 'python3', 'sqlite'} packages of Photon OS has been released."); # https://github.com/vmware/photon/wiki/Security-Updates-2-37 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?5a24de30"); script_set_attribute(attribute:"solution", value:"n/a."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2017-12627"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"patch_publication_date", value:"2018/04/23"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/07/24"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:zsh"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:python3"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:xerces"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:mercurial"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:pmd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:pycrypto"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:net"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:python2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:util"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:mysql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:paramiko"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:binutils"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:patch"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:sqlite"); script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:photonos:2.0"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"PhotonOS Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/PhotonOS/release", "Host/PhotonOS/rpm-list"); exit(0); } exit(0, "This plugin has been deprecated."); include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/PhotonOS/release"); if (isnull(release) || release !~ "^VMware Photon") audit(AUDIT_OS_NOT, "PhotonOS"); if (release !~ "^VMware Photon (?:Linux|OS) 2\.0(\D|$)") audit(AUDIT_OS_NOT, "PhotonOS 2.0"); if (!get_kb_item("Host/PhotonOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "PhotonOS", cpu); flag = 0; pkgs = [ "binutils-2.30-4.ph2", "binutils-debuginfo-2.30-4.ph2", "binutils-devel-2.30-4.ph2", "mercurial-4.5.3-1.ph2", "mercurial-debuginfo-4.5.3-1.ph2", "mysql-5.7.21-1.ph2", "mysql-debuginfo-5.7.21-1.ph2", "mysql-devel-5.7.21-1.ph2", "net-snmp-5.7.3-8.ph2", "net-snmp-debuginfo-5.7.3-8.ph2", "net-snmp-devel-5.7.3-8.ph2", "paramiko-2.1.5-1.ph2", "patch-2.7.5-5.ph2", "patch-debuginfo-2.7.5-5.ph2", "pmd-python2-0.0.5-5.ph2", "pmd-python3-0.0.5-5.ph2", "pycrypto-2.6.1-4.ph2", "pycrypto-debuginfo-2.6.1-4.ph2", "python2-2.7.13-12.ph2", "python2-debuginfo-2.7.13-12.ph2", "python2-devel-2.7.13-12.ph2", "python2-libs-2.7.13-12.ph2", "python2-test-2.7.13-12.ph2", "python2-tools-2.7.13-12.ph2", "python3-3.6.5-1.ph2", "python3-curses-3.6.5-1.ph2", "python3-debuginfo-3.6.5-1.ph2", "python3-devel-3.6.5-1.ph2", "python3-libs-3.6.5-1.ph2", "python3-paramiko-2.1.5-1.ph2", "python3-paramiko-2.1.5-1.ph2", "python3-pip-3.6.5-1.ph2", "python3-pycrypto-2.6.1-4.ph2", "python3-pycrypto-2.6.1-4.ph2", "python3-setuptools-3.6.5-1.ph2", "python3-test-3.6.5-1.ph2", "python3-tools-3.6.5-1.ph2", "python3-xml-3.6.5-1.ph2", "sqlite-3.22.0-2.ph2", "sqlite-debuginfo-3.22.0-2.ph2", "sqlite-devel-3.22.0-2.ph2", "sqlite-libs-3.22.0-2.ph2", "util-linux-2.32-1.ph2", "util-linux-debuginfo-2.32-1.ph2", "util-linux-devel-2.32-1.ph2", "util-linux-lang-2.32-1.ph2", "util-linux-libs-2.32-1.ph2", "xerces-c-3.2.1-1.ph2", "xerces-c-debuginfo-3.2.1-1.ph2", "xerces-c-devel-3.2.1-1.ph2", "zsh-5.3.1-6.ph2", "zsh-debuginfo-5.3.1-6.ph2", "zsh-html-5.3.1-6.ph2" ]; foreach (pkg in pkgs) if (rpm_check(release:"PhotonOS-2.0", reference:pkg)) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "zsh / python3 / xerces / mercurial / pmd / pycrypto / net / python2 / util / mysql / paramiko / binutils / patch / sqlite"); }
NASL family Debian Local Security Checks NASL id DEBIAN_DSA-4134.NASL description Bjorn Bosselmann discovered that the umount bash completion from util-linux does not properly handle embedded shell commands in a mountpoint name. An attacker with rights to mount filesystems can take advantage of this flaw for privilege escalation if a user (in particular root) is tricked into using the umount completion while a specially crafted mount is present. last seen 2020-06-01 modified 2020-06-02 plugin id 107279 published 2018-03-12 reporter This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/107279 title Debian DSA-4134-1 : util-linux - security update code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DSA-4134. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(107279); script_version("1.5"); script_cvs_date("Date: 2018/11/13 12:30:46"); script_cve_id("CVE-2018-7738"); script_xref(name:"DSA", value:"4134"); script_name(english:"Debian DSA-4134-1 : util-linux - security update"); script_summary(english:"Checks dpkg output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security-related update." ); script_set_attribute( attribute:"description", value: "Bjorn Bosselmann discovered that the umount bash completion from util-linux does not properly handle embedded shell commands in a mountpoint name. An attacker with rights to mount filesystems can take advantage of this flaw for privilege escalation if a user (in particular root) is tricked into using the umount completion while a specially crafted mount is present." ); script_set_attribute( attribute:"see_also", value:"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892179" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/source-package/util-linux" ); script_set_attribute( attribute:"see_also", value:"https://packages.debian.org/source/stretch/util-linux" ); script_set_attribute( attribute:"see_also", value:"https://www.debian.org/security/2018/dsa-4134" ); script_set_attribute( attribute:"solution", value: "Upgrade the util-linux packages. For the stable distribution (stretch), this problem has been fixed in version 2.29.2-1+deb9u1." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:util-linux"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:9.0"); script_set_attribute(attribute:"patch_publication_date", value:"2018/03/10"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/03/12"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"9.0", prefix:"bsdutils", reference:"2.29.2-1+deb9u1")) flag++; if (deb_check(release:"9.0", prefix:"libblkid-dev", reference:"2.29.2-1+deb9u1")) flag++; if (deb_check(release:"9.0", prefix:"libblkid1", reference:"2.29.2-1+deb9u1")) flag++; if (deb_check(release:"9.0", prefix:"libfdisk-dev", reference:"2.29.2-1+deb9u1")) flag++; if (deb_check(release:"9.0", prefix:"libfdisk1", reference:"2.29.2-1+deb9u1")) flag++; if (deb_check(release:"9.0", prefix:"libmount-dev", reference:"2.29.2-1+deb9u1")) flag++; if (deb_check(release:"9.0", prefix:"libmount1", reference:"2.29.2-1+deb9u1")) flag++; if (deb_check(release:"9.0", prefix:"libsmartcols-dev", reference:"2.29.2-1+deb9u1")) flag++; if (deb_check(release:"9.0", prefix:"libsmartcols1", reference:"2.29.2-1+deb9u1")) flag++; if (deb_check(release:"9.0", prefix:"libuuid1", reference:"2.29.2-1+deb9u1")) flag++; if (deb_check(release:"9.0", prefix:"mount", reference:"2.29.2-1+deb9u1")) flag++; if (deb_check(release:"9.0", prefix:"setpriv", reference:"2.29.2-1+deb9u1")) flag++; if (deb_check(release:"9.0", prefix:"util-linux", reference:"2.29.2-1+deb9u1")) flag++; if (deb_check(release:"9.0", prefix:"util-linux-locales", reference:"2.29.2-1+deb9u1")) flag++; if (deb_check(release:"9.0", prefix:"uuid-dev", reference:"2.29.2-1+deb9u1")) flag++; if (deb_check(release:"9.0", prefix:"uuid-runtime", reference:"2.29.2-1+deb9u1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family SuSE Local Security Checks NASL id SUSE_SU-2019-0390-1.NASL description This update for util-linux fixes the following issues : The update package also includes non-security fixes. See advisory for details. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 122228 published 2019-02-15 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/122228 title SUSE SLES12 Security Update : util-linux (SUSE-SU-2019:0390-1) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SUSE update advisory SUSE-SU-2019:0390-1. # The text itself is copyright (C) SUSE. # include("compat.inc"); if (description) { script_id(122228); script_version("1.3"); script_cvs_date("Date: 2020/02/12"); script_cve_id("CVE-2018-7738"); script_name(english:"SUSE SLES12 Security Update : util-linux (SUSE-SU-2019:0390-1)"); script_summary(english:"Checks rpm output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote SUSE host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "This update for util-linux fixes the following issues : The update package also includes non-security fixes. See advisory for details. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1072947" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1078662" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1080740" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1084300" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-7738/" ); # https://www.suse.com/support/update/announcement/2019/suse-su-20190390-1/ script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?bda320d1" ); script_set_attribute( attribute:"solution", value: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'. Alternatively you can run the command listed for your product : SUSE OpenStack Cloud 7:zypper in -t patch SUSE-OpenStack-Cloud-7-2019-390=1 SUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch SUSE-SLE-SAP-12-SP2-2019-390=1 SUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2019-390=1 SUSE Linux Enterprise Server 12-SP2-BCL:zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2019-390=1 SUSE Enterprise Storage 4:zypper in -t patch SUSE-Storage-4-2019-390=1 OpenStack Cloud Magnum Orchestration 7:zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2019-390=1" ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libblkid1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libblkid1-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libfdisk1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libfdisk1-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmount1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmount1-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsmartcols1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsmartcols1-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libuuid1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libuuid1-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-libmount"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-libmount-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-libmount-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:util-linux"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:util-linux-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:util-linux-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:util-linux-systemd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:util-linux-systemd-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:util-linux-systemd-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:uuidd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:uuidd-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/03/07"); script_set_attribute(attribute:"patch_publication_date", value:"2019/02/14"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/02/15"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE"); os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE"); os_ver = os_ver[1]; if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES12", "SUSE " + os_ver); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu); sp = get_kb_item("Host/SuSE/patchlevel"); if (isnull(sp)) sp = "0"; if (os_ver == "SLES12" && (! preg(pattern:"^(2)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP2", os_ver + " SP" + sp); flag = 0; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libblkid1-2.28-44.18.18")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libblkid1-32bit-2.28-44.18.18")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libblkid1-debuginfo-2.28-44.18.18")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libblkid1-debuginfo-32bit-2.28-44.18.18")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libfdisk1-2.28-44.18.18")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libfdisk1-debuginfo-2.28-44.18.18")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libmount1-2.28-44.18.18")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libmount1-32bit-2.28-44.18.18")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libmount1-debuginfo-2.28-44.18.18")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libmount1-debuginfo-32bit-2.28-44.18.18")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libsmartcols1-2.28-44.18.18")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libsmartcols1-debuginfo-2.28-44.18.18")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libuuid1-2.28-44.18.18")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libuuid1-32bit-2.28-44.18.18")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libuuid1-debuginfo-2.28-44.18.18")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"libuuid1-debuginfo-32bit-2.28-44.18.18")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"python-libmount-2.28-44.18.38")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"python-libmount-debuginfo-2.28-44.18.38")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"python-libmount-debugsource-2.28-44.18.38")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"util-linux-2.28-44.18.18")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"util-linux-debuginfo-2.28-44.18.18")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"util-linux-debugsource-2.28-44.18.18")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"util-linux-systemd-2.28-44.18.25")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"util-linux-systemd-debuginfo-2.28-44.18.25")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"util-linux-systemd-debugsource-2.28-44.18.25")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"uuidd-2.28-44.18.25")) flag++; if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"uuidd-debuginfo-2.28-44.18.25")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"libblkid1-2.28-44.18.18")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"libblkid1-debuginfo-2.28-44.18.18")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"libfdisk1-2.28-44.18.18")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"libfdisk1-debuginfo-2.28-44.18.18")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"libmount1-2.28-44.18.18")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"libmount1-debuginfo-2.28-44.18.18")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"libsmartcols1-2.28-44.18.18")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"libsmartcols1-debuginfo-2.28-44.18.18")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"libuuid1-2.28-44.18.18")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"libuuid1-debuginfo-2.28-44.18.18")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"python-libmount-2.28-44.18.38")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"python-libmount-debuginfo-2.28-44.18.38")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"python-libmount-debugsource-2.28-44.18.38")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"util-linux-2.28-44.18.18")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"util-linux-debuginfo-2.28-44.18.18")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"util-linux-debugsource-2.28-44.18.18")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"util-linux-systemd-2.28-44.18.25")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"util-linux-systemd-debuginfo-2.28-44.18.25")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"util-linux-systemd-debugsource-2.28-44.18.25")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"uuidd-2.28-44.18.25")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"uuidd-debuginfo-2.28-44.18.25")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"libblkid1-32bit-2.28-44.18.18")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"libblkid1-debuginfo-32bit-2.28-44.18.18")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"libmount1-32bit-2.28-44.18.18")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"libmount1-debuginfo-32bit-2.28-44.18.18")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"libuuid1-32bit-2.28-44.18.18")) flag++; if (rpm_check(release:"SLES12", sp:"2", reference:"libuuid1-debuginfo-32bit-2.28-44.18.18")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "util-linux"); }
NASL family SuSE Local Security Checks NASL id SUSE_SU-2018-2071-1.NASL description This update for util-linux fixes the following issues : The update package also includes non-security fixes. See advisory for details. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 111372 published 2018-07-27 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/111372 title SUSE SLED12 / SLES12 Security Update : util-linux (SUSE-SU-2018:2071-1) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SUSE update advisory SUSE-SU-2018:2071-1. # The text itself is copyright (C) SUSE. # include("compat.inc"); if (description) { script_id(111372); script_version("1.4"); script_cvs_date("Date: 2019/09/10 13:51:48"); script_cve_id("CVE-2018-7738"); script_name(english:"SUSE SLED12 / SLES12 Security Update : util-linux (SUSE-SU-2018:2071-1)"); script_summary(english:"Checks rpm output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote SUSE host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "This update for util-linux fixes the following issues : The update package also includes non-security fixes. See advisory for details. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1072947" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1078662" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1080740" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1084300" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-7738/" ); # https://www.suse.com/support/update/announcement/2018/suse-su-20182071-1/ script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?8f969ea1" ); script_set_attribute( attribute:"solution", value: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'. Alternatively you can run the command listed for your product : SUSE Linux Enterprise Workstation Extension 12-SP3:zypper in -t patch SUSE-SLE-WE-12-SP3-2018-1400=1 SUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t patch SUSE-SLE-SDK-12-SP3-2018-1400=1 SUSE Linux Enterprise Server 12-SP3:zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-1400=1 SUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2018-1400=1 SUSE CaaS Platform ALL : To install this update, use the SUSE CaaS Platform Velum dashboard. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libblkid1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libblkid1-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libfdisk1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libfdisk1-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmount1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmount1-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsmartcols1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsmartcols1-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libuuid-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libuuid1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libuuid1-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-libmount"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-libmount-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-libmount-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:util-linux"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:util-linux-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:util-linux-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:util-linux-systemd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:util-linux-systemd-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:util-linux-systemd-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:uuidd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:uuidd-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/03/07"); script_set_attribute(attribute:"patch_publication_date", value:"2018/07/26"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/07/27"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE"); os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE"); os_ver = os_ver[1]; if (! preg(pattern:"^(SLED12|SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED12 / SLES12", "SUSE " + os_ver); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu); sp = get_kb_item("Host/SuSE/patchlevel"); if (isnull(sp)) sp = "0"; if (os_ver == "SLES12" && (! preg(pattern:"^(3)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP3", os_ver + " SP" + sp); if (os_ver == "SLED12" && (! preg(pattern:"^(3)$", string:sp))) audit(AUDIT_OS_NOT, "SLED12 SP3", os_ver + " SP" + sp); flag = 0; if (rpm_check(release:"SLES12", sp:"3", reference:"libblkid1-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"libblkid1-debuginfo-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"libfdisk1-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"libfdisk1-debuginfo-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"libmount1-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"libmount1-debuginfo-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"libsmartcols1-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"libsmartcols1-debuginfo-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"libuuid1-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"libuuid1-debuginfo-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"python-libmount-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"python-libmount-debuginfo-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"python-libmount-debugsource-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"util-linux-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"util-linux-debuginfo-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"util-linux-debugsource-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"util-linux-systemd-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"util-linux-systemd-debuginfo-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"util-linux-systemd-debugsource-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"uuidd-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"uuidd-debuginfo-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"libblkid1-32bit-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"libblkid1-debuginfo-32bit-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"libmount1-32bit-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"libmount1-debuginfo-32bit-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"libuuid1-32bit-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"libuuid1-debuginfo-32bit-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libblkid1-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libblkid1-32bit-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libblkid1-debuginfo-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libblkid1-debuginfo-32bit-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libfdisk1-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libfdisk1-debuginfo-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libmount1-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libmount1-32bit-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libmount1-debuginfo-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libmount1-debuginfo-32bit-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libsmartcols1-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libsmartcols1-debuginfo-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libuuid-devel-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libuuid1-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libuuid1-32bit-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libuuid1-debuginfo-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libuuid1-debuginfo-32bit-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"python-libmount-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"python-libmount-debuginfo-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"python-libmount-debugsource-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"util-linux-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"util-linux-debuginfo-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"util-linux-debugsource-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"util-linux-systemd-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"util-linux-systemd-debuginfo-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"util-linux-systemd-debugsource-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"uuidd-2.29.2-3.8.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"uuidd-debuginfo-2.29.2-3.8.1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "util-linux"); }
NASL family SuSE Local Security Checks NASL id OPENSUSE-2018-811.NASL description This update for util-linux fixes the following security issue : - CVE-2018-7738: Fix local vulnerability using embedded shell commands in a mountpoint name (bsc#1084300) This update was imported from the SUSE:SLE-15:Update update project. last seen 2020-06-05 modified 2018-08-07 plugin id 111573 published 2018-08-07 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/111573 title openSUSE Security Update : util-linux (openSUSE-2018-811) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2018-811. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(111573); script_version("1.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2018-7738"); script_name(english:"openSUSE Security Update : util-linux (openSUSE-2018-811)"); script_summary(english:"Check for the openSUSE-2018-811 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update for util-linux fixes the following security issue : - CVE-2018-7738: Fix local vulnerability using embedded shell commands in a mountpoint name (bsc#1084300) This update was imported from the SUSE:SLE-15:Update update project." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1084300" ); script_set_attribute( attribute:"solution", value:"Update the affected util-linux packages." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libblkid-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libblkid-devel-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libblkid-devel-static"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libblkid1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libblkid1-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libblkid1-32bit-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libblkid1-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libfdisk-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libfdisk-devel-static"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libfdisk1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libfdisk1-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmount-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmount-devel-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmount-devel-static"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmount1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmount1-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmount1-32bit-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libmount1-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsmartcols-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsmartcols-devel-static"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsmartcols1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsmartcols1-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libuuid-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libuuid-devel-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libuuid-devel-static"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libuuid1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libuuid1-32bit"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libuuid1-32bit-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libuuid1-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python-libmount"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python-libmount-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python-libmount-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:util-linux"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:util-linux-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:util-linux-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:util-linux-lang"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:util-linux-systemd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:util-linux-systemd-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:util-linux-systemd-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:uuidd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:uuidd-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.0"); script_set_attribute(attribute:"patch_publication_date", value:"2018/08/06"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/08/07"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE15\.0)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.0", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE15.0", reference:"libblkid-devel-2.31.1-lp150.7.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libblkid-devel-static-2.31.1-lp150.7.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libblkid1-2.31.1-lp150.7.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libblkid1-debuginfo-2.31.1-lp150.7.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libfdisk-devel-2.31.1-lp150.7.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libfdisk-devel-static-2.31.1-lp150.7.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libfdisk1-2.31.1-lp150.7.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libfdisk1-debuginfo-2.31.1-lp150.7.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libmount-devel-2.31.1-lp150.7.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libmount-devel-static-2.31.1-lp150.7.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libmount1-2.31.1-lp150.7.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libmount1-debuginfo-2.31.1-lp150.7.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libsmartcols-devel-2.31.1-lp150.7.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libsmartcols-devel-static-2.31.1-lp150.7.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libsmartcols1-2.31.1-lp150.7.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libsmartcols1-debuginfo-2.31.1-lp150.7.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libuuid-devel-2.31.1-lp150.7.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libuuid-devel-static-2.31.1-lp150.7.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libuuid1-2.31.1-lp150.7.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libuuid1-debuginfo-2.31.1-lp150.7.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"util-linux-2.31.1-lp150.7.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"util-linux-debuginfo-2.31.1-lp150.7.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"util-linux-debugsource-2.31.1-lp150.7.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"util-linux-lang-2.31.1-lp150.7.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"util-linux-systemd-2.31.1-lp150.7.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"util-linux-systemd-debuginfo-2.31.1-lp150.7.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"util-linux-systemd-debugsource-2.31.1-lp150.7.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"uuidd-2.31.1-lp150.7.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"uuidd-debuginfo-2.31.1-lp150.7.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"libblkid-devel-32bit-2.31.1-lp150.7.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"libblkid1-32bit-2.31.1-lp150.7.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"libblkid1-32bit-debuginfo-2.31.1-lp150.7.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"libmount-devel-32bit-2.31.1-lp150.7.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"libmount1-32bit-2.31.1-lp150.7.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"libmount1-32bit-debuginfo-2.31.1-lp150.7.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"libuuid-devel-32bit-2.31.1-lp150.7.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"libuuid1-32bit-2.31.1-lp150.7.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"libuuid1-32bit-debuginfo-2.31.1-lp150.7.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"python-libmount-2.31.1-lp150.7.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"python-libmount-debuginfo-2.31.1-lp150.7.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", cpu:"x86_64", reference:"python-libmount-debugsource-2.31.1-lp150.7.6.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "python-libmount / python-libmount-debuginfo / etc"); }
NASL family SuSE Local Security Checks NASL id SUSE_SU-2018-3926-1.NASL description This update for util-linux fixes the following issues : The update package also includes non-security fixes. See advisory for details. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 119284 published 2018-11-29 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/119284 title SUSE SLED12 / SLES12 Security Update : util-linux (SUSE-SU-2018:3926-1) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SUSE update advisory SUSE-SU-2018:3926-1. # The text itself is copyright (C) SUSE. # include("compat.inc"); if (description) { script_id(119284); script_version("1.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/24"); script_cve_id("CVE-2018-7738"); script_name(english:"SUSE SLED12 / SLES12 Security Update : util-linux (SUSE-SU-2018:3926-1)"); script_summary(english:"Checks rpm output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote SUSE host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "This update for util-linux fixes the following issues : The update package also includes non-security fixes. See advisory for details. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1072947" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1078662" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1080740" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1084300" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-7738/" ); # https://www.suse.com/support/update/announcement/2018/suse-su-20183926-1/ script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?18d09d38" ); script_set_attribute( attribute:"solution", value: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'. Alternatively you can run the command listed for your product : SUSE Linux Enterprise Workstation Extension 12-SP3:zypper in -t patch SUSE-SLE-WE-12-SP3-2018-1618=1 SUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t patch SUSE-SLE-SDK-12-SP3-2018-1618=1 SUSE Linux Enterprise Server 12-SP3:zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-1618=1 SUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2018-1618=1 SUSE CaaS Platform ALL : To install this update, use the SUSE CaaS Platform Velum dashboard. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way. SUSE CaaS Platform 3.0 : To install this update, use the SUSE CaaS Platform Velum dashboard. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libblkid1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libblkid1-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libfdisk1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libfdisk1-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmount1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libmount1-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsmartcols1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsmartcols1-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libuuid-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libuuid1"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libuuid1-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-libmount"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-libmount-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python-libmount-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:util-linux"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:util-linux-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:util-linux-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:util-linux-systemd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:util-linux-systemd-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:util-linux-systemd-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:uuidd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:uuidd-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/03/07"); script_set_attribute(attribute:"patch_publication_date", value:"2018/11/27"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/11/29"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE"); os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE"); os_ver = os_ver[1]; if (! preg(pattern:"^(SLED12|SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED12 / SLES12", "SUSE " + os_ver); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu); sp = get_kb_item("Host/SuSE/patchlevel"); if (isnull(sp)) sp = "0"; if (os_ver == "SLES12" && (! preg(pattern:"^(3)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP3", os_ver + " SP" + sp); if (os_ver == "SLED12" && (! preg(pattern:"^(3)$", string:sp))) audit(AUDIT_OS_NOT, "SLED12 SP3", os_ver + " SP" + sp); flag = 0; if (rpm_check(release:"SLES12", sp:"3", reference:"libblkid1-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"libblkid1-debuginfo-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"libfdisk1-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"libfdisk1-debuginfo-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"libmount1-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"libmount1-debuginfo-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"libsmartcols1-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"libsmartcols1-debuginfo-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"libuuid1-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"libuuid1-debuginfo-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"python-libmount-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"python-libmount-debuginfo-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"python-libmount-debugsource-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"util-linux-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"util-linux-debuginfo-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"util-linux-debugsource-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"util-linux-systemd-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"util-linux-systemd-debuginfo-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"util-linux-systemd-debugsource-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"uuidd-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"uuidd-debuginfo-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"libblkid1-32bit-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"libblkid1-debuginfo-32bit-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"libmount1-32bit-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"libmount1-debuginfo-32bit-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"libuuid1-32bit-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"libuuid1-debuginfo-32bit-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libblkid1-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libblkid1-32bit-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libblkid1-debuginfo-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libblkid1-debuginfo-32bit-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libfdisk1-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libfdisk1-debuginfo-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libmount1-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libmount1-32bit-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libmount1-debuginfo-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libmount1-debuginfo-32bit-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libsmartcols1-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libsmartcols1-debuginfo-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libuuid-devel-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libuuid1-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libuuid1-32bit-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libuuid1-debuginfo-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"libuuid1-debuginfo-32bit-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"python-libmount-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"python-libmount-debuginfo-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"python-libmount-debugsource-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"util-linux-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"util-linux-debuginfo-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"util-linux-debugsource-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"util-linux-systemd-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"util-linux-systemd-debuginfo-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"util-linux-systemd-debugsource-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"uuidd-2.29.2-3.12.1")) flag++; if (rpm_check(release:"SLED12", sp:"3", cpu:"x86_64", reference:"uuidd-debuginfo-2.29.2-3.12.1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "util-linux"); }
NASL family SuSE Local Security Checks NASL id SUSE_SU-2018-2066-1.NASL description This update for util-linux fixes the following security issue : - CVE-2018-7738: Fix local vulnerability using embedded shell commands in a mountpoint name (bsc#1084300) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-21 modified 2019-01-02 plugin id 120059 published 2019-01-02 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/120059 title SUSE SLED15 / SLES15 Security Update : util-linux (SUSE-SU-2018:2066-1) NASL family SuSE Local Security Checks NASL id OPENSUSE-2019-565.NASL description This update for util-linux fixes the following security issue : - CVE-2018-7738: Fix local vulnerability using embedded shell commands in a mountpoint name (bsc#1084300) This update was imported from the SUSE:SLE-15:Update update project. last seen 2020-06-01 modified 2020-06-02 plugin id 123244 published 2019-03-27 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/123244 title openSUSE Security Update : util-linux (openSUSE-2019-565) NASL family SuSE Local Security Checks NASL id OPENSUSE-2018-805.NASL description This update for util-linux fixes the following issues : This non-security issue was fixed : - CVE-2018-7738: bash-completion/umount allowed local users to gain privileges by embedding shell commands in a mountpoint name, which was mishandled during a umount command by a different user (bsc#1084300). These non-security issues were fixed : - Fixed crash loop in lscpu (bsc#1072947). - Fixed possible segfault of umount -a - Fixed mount -a on NFS bind mounts (bsc#1080740). - Fixed lsblk on NVMe (bsc#1078662). This update was imported from the SUSE:SLE-12-SP3:Update update project. last seen 2020-06-05 modified 2018-08-07 plugin id 111567 published 2018-08-07 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/111567 title openSUSE Security Update : util-linux (openSUSE-2018-805) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201803-02.NASL description The remote host is affected by the vulnerability described in GLSA-201803-02 (util-linux: User-assisted execution of arbitrary code) It was discovered that the umount bash-completion as provided by util-linux does not escap mount point paths. Impact : An attacker controlling a volume label could entice a user with privileges to mount/umount filesystems to use umount command with auto completion, possibly resulting in execution of arbitrary code with root privileges. Workaround : Disable Bash-completion or remove “/usr/share/bash-completion/completions/umount”. last seen 2020-06-01 modified 2020-06-02 plugin id 107200 published 2018-03-08 reporter This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/107200 title GLSA-201803-02 : util-linux: User-assisted execution of arbitrary code NASL family Fedora Local Security Checks NASL id FEDORA_2018-668664BA84.NASL description Security fix for CVE-2018-7738 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2018-03-14 plugin id 108308 published 2018-03-14 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/108308 title Fedora 27 : util-linux (2018-668664ba84)
References
- http://www.securityfocus.com/bid/103367
- http://www.securityfocus.com/bid/103367
- https://bugs.debian.org/892179
- https://bugs.debian.org/892179
- https://github.com/karelzak/util-linux/commit/75f03badd7ed9f1dd951863d75e756883d3acc55
- https://github.com/karelzak/util-linux/commit/75f03badd7ed9f1dd951863d75e756883d3acc55
- https://github.com/karelzak/util-linux/issues/539
- https://github.com/karelzak/util-linux/issues/539
- https://security.netapp.com/advisory/ntap-20241213-0002/
- https://usn.ubuntu.com/4512-1/
- https://usn.ubuntu.com/4512-1/
- https://www.debian.org/security/2018/dsa-4134
- https://www.debian.org/security/2018/dsa-4134