Vulnerabilities > CVE-2019-14835

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH

Summary

A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.

Vulnerable Configurations

Part Description Count
OS
Linux
1591
OS
Canonical
5
OS
Debian
3
OS
Fedoraproject
2
OS
Opensuse
2
OS
Netapp
10
OS
Redhat
26
Hardware
Netapp
10
Application
Netapp
5
Application
Redhat
3
Application
Huawei
9

Nessus

  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-2821-1.NASL
    descriptionThis update for the Linux Kernel 3.12.74-60_64_110 fixes several issues. The following security issues were fixed : CVE-2019-10220: Fixed a relative path escape in the Samba client module (bsc#1144903, bsc#1153108). CVE-2019-17133: Fixed a buffer overflow in cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c caused by long SSID IEs (bsc#1153158). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id130423
    published2019-10-31
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130423
    titleSUSE SLES12 Security Update : kernel (SUSE-SU-2019:2821-1) (SACK Panic) (SACK Slowness)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from SUSE update advisory SUSE-SU-2019:2821-1.
    # The text itself is copyright (C) SUSE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(130423);
      script_version("1.4");
      script_cvs_date("Date: 2019/12/18");
    
      script_cve_id("CVE-2018-5390", "CVE-2019-10220", "CVE-2019-11477", "CVE-2019-11478", "CVE-2019-11487", "CVE-2019-14835", "CVE-2019-17133", "CVE-2019-3846");
    
      script_name(english:"SUSE SLES12 Security Update : kernel (SUSE-SU-2019:2821-1) (SACK Panic) (SACK Slowness)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SUSE host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for the Linux Kernel 3.12.74-60_64_110 fixes several
    issues.
    
    The following security issues were fixed :
    
    CVE-2019-10220: Fixed a relative path escape in the Samba client
    module (bsc#1144903, bsc#1153108).
    
    CVE-2019-17133: Fixed a buffer overflow in cfg80211_mgd_wext_giwessid
    in net/wireless/wext-sme.c caused by long SSID IEs (bsc#1153158).
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the SUSE security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1102682"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1103203"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1133191"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1136446"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1137597"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1140747"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1144903"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1151021"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1153108"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1153158"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1153161"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=904970"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=907150"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=920615"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=920633"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=930408"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2018-5390/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-10220/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-11477/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-11478/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-11487/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-14835/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-17133/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-3846/"
      );
      # https://www.suse.com/support/update/announcement/2019/suse-su-20192821-1/
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?f782fb1b"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "To install this SUSE Security Update use the SUSE recommended
    installation methods like YaST online_update or 'zypper patch'.
    
    Alternatively you can run the command listed for your product :
    
    SUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch
    SUSE-SLE-SAP-12-SP1-2019-2821=1
    
    SUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch
    SUSE-SLE-SERVER-12-SP1-2019-2821=1"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-10220");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_110-default");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_110-xen");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2018/08/06");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/10/30");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/10/31");
      script_set_attribute(attribute:"in_the_news", value:"true");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
    os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES12", "SUSE " + os_ver);
    
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
    if (cpu >!< "x86_64") audit(AUDIT_ARCH_NOT, "x86_64", cpu);
    
    
    sp = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(sp)) sp = "0";
    if (os_ver == "SLES12" && (! preg(pattern:"^(1)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP1", os_ver + " SP" + sp);
    
    
    flag = 0;
    if (rpm_check(release:"SLES12", sp:"1", cpu:"x86_64", reference:"kgraft-patch-3_12_74-60_64_110-default-6-2.1")) flag++;
    if (rpm_check(release:"SLES12", sp:"1", cpu:"x86_64", reference:"kgraft-patch-3_12_74-60_64_110-xen-6-2.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel");
    }
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-2828.NASL
    descriptionAn update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es) : * A buffer overflow flaw was found in the way Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id129092
    published2019-09-20
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129092
    titleRHEL 8 : kernel-rt (RHSA-2019:2828)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2019:2828. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(129092);
      script_version("1.5");
      script_cvs_date("Date: 2019/12/27");
    
      script_cve_id("CVE-2019-14835");
      script_xref(name:"RHSA", value:"2019:2828");
    
      script_name(english:"RHEL 8 : kernel-rt (RHSA-2019:2828)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "An update for kernel-rt is now available for Red Hat Enterprise Linux
    8.
    
    Red Hat Product Security has rated this update as having a security
    impact of Important. A Common Vulnerability Scoring System (CVSS) base
    score, which gives a detailed severity rating, is available for each
    vulnerability from the CVE link(s) in the References section.
    
    The kernel-rt packages provide the Real Time Linux Kernel, which
    enables fine-tuning for systems with extremely high determinism
    requirements.
    
    Security Fix(es) :
    
    * A buffer overflow flaw was found in the way Linux kernel's vhost
    functionality that translates virtqueue buffers to IOVs, logged the
    buffer descriptors during migration. A privileged guest user able to
    pass descriptors with invalid length to the host when migration is
    underway, could use this flaw to increase their privileges on the
    host. (CVE-2019-14835)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/vulnerabilities/kernel-vhost"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2019:2828"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2019-14835"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-core");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-core");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules-extra");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo-common-x86_64");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules-extra");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:8");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/09/17");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/09/20");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/09/20");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl", "linux_alt_patch_detect.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    include("ksplice.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^8([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 8.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    if ("x86_64" >!< cpu) audit(AUDIT_ARCH_NOT, "x86_64", cpu);
    
    if (get_one_kb_item("Host/ksplice/kernel-cves"))
    {
      rm_kb_item(name:"Host/uptrack-uname-r");
      cve_list = make_list("CVE-2019-14835");
      if (ksplice_cves_check(cve_list))
      {
        audit(AUDIT_PATCH_INSTALLED, "KSplice hotfix for RHSA-2019:2828");
      }
      else
      {
        __rpm_report = ksplice_reporting_text();
      }
    }
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2019:2828";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"kernel-rt-4.18.0-80.11.2.rt9.157.el8_0")) flag++;
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"kernel-rt-core-4.18.0-80.11.2.rt9.157.el8_0")) flag++;
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"kernel-rt-debug-4.18.0-80.11.2.rt9.157.el8_0")) flag++;
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"kernel-rt-debug-core-4.18.0-80.11.2.rt9.157.el8_0")) flag++;
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"kernel-rt-debug-debuginfo-4.18.0-80.11.2.rt9.157.el8_0")) flag++;
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"kernel-rt-debug-devel-4.18.0-80.11.2.rt9.157.el8_0")) flag++;
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"kernel-rt-debug-kvm-4.18.0-80.11.2.rt9.157.el8_0")) flag++;
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"kernel-rt-debug-kvm-debuginfo-4.18.0-80.11.2.rt9.157.el8_0")) flag++;
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"kernel-rt-debug-modules-4.18.0-80.11.2.rt9.157.el8_0")) flag++;
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"kernel-rt-debug-modules-extra-4.18.0-80.11.2.rt9.157.el8_0")) flag++;
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"kernel-rt-debuginfo-4.18.0-80.11.2.rt9.157.el8_0")) flag++;
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"kernel-rt-debuginfo-common-x86_64-4.18.0-80.11.2.rt9.157.el8_0")) flag++;
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"kernel-rt-devel-4.18.0-80.11.2.rt9.157.el8_0")) flag++;
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"kernel-rt-kvm-4.18.0-80.11.2.rt9.157.el8_0")) flag++;
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"kernel-rt-kvm-debuginfo-4.18.0-80.11.2.rt9.157.el8_0")) flag++;
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"kernel-rt-modules-4.18.0-80.11.2.rt9.157.el8_0")) flag++;
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"kernel-rt-modules-extra-4.18.0-80.11.2.rt9.157.el8_0")) flag++;
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel-rt / kernel-rt-core / kernel-rt-debug / kernel-rt-debug-core / etc");
      }
    }
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2019-A570A92D5A.NASL
    descriptionThe 5.2.17 stable kernel update contains a number of important fixes across the tree. ---- The 5.2.16 stable kernel updates contain a number of important fixes across the tree. ---- The 5.2.15 stable kernel update contains a number of important fixes across the tree. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id129512
    published2019-10-02
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129512
    titleFedora 29 : kernel / kernel-headers / kernel-tools (2019-a570a92d5a)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory FEDORA-2019-a570a92d5a.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(129512);
      script_version("1.3");
      script_cvs_date("Date: 2019/12/23");
    
      script_cve_id("CVE-2019-14821", "CVE-2019-14835");
      script_xref(name:"FEDORA", value:"2019-a570a92d5a");
    
      script_name(english:"Fedora 29 : kernel / kernel-headers / kernel-tools (2019-a570a92d5a)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The 5.2.17 stable kernel update contains a number of important fixes
    across the tree.
    
    ----
    
    The 5.2.16 stable kernel updates contain a number of important fixes
    across the tree.
    
    ----
    
    The 5.2.15 stable kernel update contains a number of important fixes
    across the tree.
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora update system website.
    Tenable has attempted to automatically clean and format it as much as
    possible without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bodhi.fedoraproject.org/updates/FEDORA-2019-a570a92d5a"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Update the affected kernel, kernel-headers and / or kernel-tools
    packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-14835");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kernel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kernel-headers");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kernel-tools");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:29");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/09/17");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/10/02");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/10/02");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl", "linux_alt_patch_detect.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    include("ksplice.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! preg(pattern:"^29([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 29", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    if (get_one_kb_item("Host/ksplice/kernel-cves"))
    {
      rm_kb_item(name:"Host/uptrack-uname-r");
      cve_list = make_list("CVE-2019-14821", "CVE-2019-14835");
      if (ksplice_cves_check(cve_list))
      {
        audit(AUDIT_PATCH_INSTALLED, "KSplice hotfix for FEDORA-2019-a570a92d5a");
      }
      else
      {
        __rpm_report = ksplice_reporting_text();
      }
    }
    
    flag = 0;
    if (rpm_check(release:"FC29", reference:"kernel-5.2.17-100.fc29")) flag++;
    if (rpm_check(release:"FC29", reference:"kernel-headers-5.2.17-100.fc29")) flag++;
    if (rpm_check(release:"FC29", reference:"kernel-tools-5.2.17-100.fc29")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel / kernel-headers / kernel-tools");
    }
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-2899.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support, Red Hat Enterprise Linux 7.2 Telco Extended Update Support, and Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * A buffer overflow flaw was found in the way Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id129372
    published2019-09-26
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129372
    titleRHEL 7 : kernel (RHSA-2019:2899)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2019:2899. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(129372);
      script_version("1.6");
      script_cvs_date("Date: 2020/02/18");
    
      script_cve_id("CVE-2019-1125", "CVE-2019-14835");
      script_xref(name:"RHSA", value:"2019:2899");
    
      script_name(english:"RHEL 7 : kernel (RHSA-2019:2899)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "An update for kernel is now available for Red Hat Enterprise Linux 7.2
    Advanced Update Support, Red Hat Enterprise Linux 7.2 Telco Extended
    Update Support, and Red Hat Enterprise Linux 7.2 Update Services for
    SAP Solutions.
    
    Red Hat Product Security has rated this update as having a security
    impact of Important. A Common Vulnerability Scoring System (CVSS) base
    score, which gives a detailed severity rating, is available for each
    vulnerability from the CVE link(s) in the References section.
    
    The kernel packages contain the Linux kernel, the core of any Linux
    operating system.
    
    Security Fix(es) :
    
    * A buffer overflow flaw was found in the way Linux kernel's vhost
    functionality that translates virtqueue buffers to IOVs, logged the
    buffer descriptors during migration. A privileged guest user able to
    pass descriptors with invalid length to the host when migration is
    underway, could use this flaw to increase their privileges on the
    host. (CVE-2019-14835)
    
    * kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125)
    
    For more details about the security issue(s), including the impact, a
    CVSS score, acknowledgments, and other related information, refer to
    the CVE page(s) listed in the References section.
    
    Bug Fix(es) :
    
    * fs deadlock when a memory allocation waits on page writeback in NOFS
    context (BZ#1729103)
    
    * fragmented packets timing out (BZ#1729409)
    
    * kernel build: speed up debuginfo extraction (BZ#1731460)
    
    * use 'make -jN' for modules_install (BZ#1735079)
    
    * shmem: consider shm_mnt as a long-term mount (BZ#1737374)
    
    * raid1d can hang in freeze_array if handling a mix of read and write
    errors (BZ#1737792)
    
    * Backport TCP follow-up for small buffers (BZ#1739125)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/articles/4329821"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/vulnerabilities/kernel-vhost"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2019:2899"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2019-1125"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2019-14835"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debug");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-doc");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-headers");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-tools");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-tools-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:perf");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-perf");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.2");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/09/03");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/09/25");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/09/26");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl", "linux_alt_patch_detect.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    include("ksplice.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^7\.2([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 7.2", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    if (get_one_kb_item("Host/ksplice/kernel-cves"))
    {
      rm_kb_item(name:"Host/uptrack-uname-r");
      cve_list = make_list("CVE-2019-1125", "CVE-2019-14835");
      if (ksplice_cves_check(cve_list))
      {
        audit(AUDIT_PATCH_INSTALLED, "KSplice hotfix for RHSA-2019:2899");
      }
      else
      {
        __rpm_report = ksplice_reporting_text();
      }
    }
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2019:2899";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL7", sp:"2", cpu:"x86_64", reference:"kernel-3.10.0-327.82.1.el7")) flag++;
      if (rpm_check(release:"RHEL7", sp:"2", reference:"kernel-abi-whitelists-3.10.0-327.82.1.el7")) flag++;
      if (rpm_check(release:"RHEL7", sp:"2", cpu:"x86_64", reference:"kernel-debug-3.10.0-327.82.1.el7")) flag++;
      if (rpm_check(release:"RHEL7", sp:"2", cpu:"x86_64", reference:"kernel-debug-debuginfo-3.10.0-327.82.1.el7")) flag++;
      if (rpm_check(release:"RHEL7", sp:"2", cpu:"x86_64", reference:"kernel-debug-devel-3.10.0-327.82.1.el7")) flag++;
      if (rpm_check(release:"RHEL7", sp:"2", cpu:"x86_64", reference:"kernel-debuginfo-3.10.0-327.82.1.el7")) flag++;
      if (rpm_check(release:"RHEL7", sp:"2", cpu:"x86_64", reference:"kernel-debuginfo-common-x86_64-3.10.0-327.82.1.el7")) flag++;
      if (rpm_check(release:"RHEL7", sp:"2", cpu:"x86_64", reference:"kernel-devel-3.10.0-327.82.1.el7")) flag++;
      if (rpm_check(release:"RHEL7", sp:"2", reference:"kernel-doc-3.10.0-327.82.1.el7")) flag++;
      if (rpm_check(release:"RHEL7", sp:"2", cpu:"x86_64", reference:"kernel-headers-3.10.0-327.82.1.el7")) flag++;
      if (rpm_check(release:"RHEL7", sp:"2", cpu:"x86_64", reference:"kernel-tools-3.10.0-327.82.1.el7")) flag++;
      if (rpm_check(release:"RHEL7", sp:"2", cpu:"x86_64", reference:"kernel-tools-debuginfo-3.10.0-327.82.1.el7")) flag++;
      if (rpm_check(release:"RHEL7", sp:"2", cpu:"x86_64", reference:"kernel-tools-libs-3.10.0-327.82.1.el7")) flag++;
      if (rpm_check(release:"RHEL7", sp:"2", cpu:"x86_64", reference:"kernel-tools-libs-devel-3.10.0-327.82.1.el7")) flag++;
      if (rpm_check(release:"RHEL7", sp:"2", cpu:"x86_64", reference:"perf-3.10.0-327.82.1.el7")) flag++;
      if (rpm_check(release:"RHEL7", sp:"2", cpu:"x86_64", reference:"perf-debuginfo-3.10.0-327.82.1.el7")) flag++;
      if (rpm_check(release:"RHEL7", sp:"2", cpu:"x86_64", reference:"python-perf-3.10.0-327.82.1.el7")) flag++;
      if (rpm_check(release:"RHEL7", sp:"2", cpu:"x86_64", reference:"python-perf-debuginfo-3.10.0-327.82.1.el7")) flag++;
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel / kernel-abi-whitelists / kernel-debug / etc");
      }
    }
    
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2019-2829.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * A buffer overflow flaw was found in the way Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id129538
    published2019-10-03
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129538
    titleCentOS 7 : kernel (CESA-2019:2829)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2019-2827.NASL
    descriptionFrom Red Hat Security Advisory 2019:2827 : An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * A buffer overflow flaw was found in the way Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id129262
    published2019-09-24
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129262
    titleOracle Linux 8 : kernel (ELSA-2019-2827)
  • NASL familyVirtuozzo Local Security Checks
    NASL idVIRTUOZZO_VZA-2019-089.NASL
    descriptionAccording to the versions of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - hw: Machine Check Error on Page Size Change (IFU) - hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write - Kernel: vhost_net: infinite loop while receiving packets leads to DoS - Kernel: vhost-net: guest to host kernel escape during migration - hw: Intel GPU Denial Of Service while accessing MMIO in lower power state - hw: TSX Transaction Asynchronous Abort (TAA) Note that Tenable Network Security has extracted the preceding description block directly from the Virtuozzo security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id131227
    published2019-11-22
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131227
    titleVirtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2019-089)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-2950-1.NASL
    descriptionThe SUSE Linux Enterprise 12 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine Exception during Page Size Change, causing the CPU core to be non-functional. The Linux Kernel KVM hypervisor was adjusted to avoid page size changes in executable pages by splitting / merging huge pages into small pages as needed. More information can be found on https://www.suse.com/support/kb/doc/?id=7023735 CVE-2019-11135: Aborting an asynchronous TSX operation on Intel CPUs with Transactional Memory support could be used to facilitate sidechannel information leaks out of microarchitectural buffers, similar to the previously described
    last seen2020-06-01
    modified2020-06-02
    plugin id130950
    published2019-11-13
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130950
    titleSUSE SLES12 Security Update : kernel (SUSE-SU-2019:2950-1) (SACK Panic)
  • NASL familyVirtuozzo Local Security Checks
    NASL idVIRTUOZZO_VZA-2019-074.NASL
    descriptionAccording to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerability : - [3.10.0-693.17.1.vz7.43.10 to 3.10.0-957.12.2.vz7.96.21] vhost-net: guest to host kernel escape during migration. A buffer overflow vulnerability was found in the networking virtualization functionality (vhost-net) that could be abused during live migration of virtual machines. A privileged guest user may pass descriptors with invalid length to the host when live migration is underway to crash the host kernel or, potentially, escalate their privileges on the host. Note that Tenable Network Security has extracted the preceding description block directly from the Virtuozzo security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id133459
    published2020-02-04
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/133459
    titleVirtuozzo 7 : readykernel-patch (VZA-2019-074)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-2830.NASL
    descriptionAn update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es) : * A buffer overflow flaw was found in the way Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id129147
    published2019-09-23
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129147
    titleRHEL 7 : kernel-rt (RHSA-2019:2830)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-2869.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 6.6 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * A buffer overflow flaw was found in the way Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id129274
    published2019-09-24
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129274
    titleRHEL 6 : kernel (RHSA-2019:2869)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-2827.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * A buffer overflow flaw was found in the way Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id129091
    published2019-09-20
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129091
    titleRHEL 8 : kernel (RHSA-2019:2827)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-2600-1.NASL
    descriptionThis update for the Linux Kernel 4.4.180-94_100 fixes several issues. The following security issues were fixed : CVE-2019-14835: A buffer overflow flaw was found in the way vhost functionality, that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host (bsc#1151021). CVE-2017-18379: Fixed an out of boundary access that happened in drivers/nvme/target/fc.c (bsc#1145604). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id129746
    published2019-10-09
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129746
    titleSUSE SLES12 Security Update : kernel (SUSE-SU-2019:2600-1)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-2309.NASL
    descriptionAccording to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.(CVE-2019-15213) - An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/cpia2/cpia2_usb.c driver.(CVE-2019-15215) - An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver.(CVE-2019-15217) - An issue was discovered in the Linux kernel before 5.1.8. There is a double-free caused by a malicious USB device in the drivers/usb/misc/rio500.c driver.(CVE-2019-15212) - An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver.(CVE-2019-15216) - An issue was discovered in drivers/scsi/qedi/qedi_dbg.c in the Linux kernel before 5.1.12. In the qedi_dbg_* family of functions, there is an out-of-bounds read.(CVE-2019-15090) - An issue was discovered in the Linux kernel before 5.0.9. There is a NULL pointer dereference for a cd data structure if alloc_disk fails in drivers/block/paride/pf.c.(CVE-2019-15923) - An issue was discovered in the Linux kernel before 5.0.10. SMB2_negotiate in fs/cifs/smb2pdu.c has an out-of-bounds read because data structures are incompletely updated after a change from smb30 to smb21.(CVE-2019-15918) - An issue was discovered in the Linux kernel before 5.0.9. There is a NULL pointer dereference for a pf data structure if alloc_disk fails in drivers/block/paride/pf.c.(CVE-2019-15922) - An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the functions ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx in the file drivers/net/wireless/ath/ath6kl/wmi.c.(CVE-2019-15926) - An issue was discovered in the Linux kernel before 5.0.11. fm10k_init_module in drivers/net/ethernet/intel/fm10k/fm10k_main.c has a NULL pointer dereference because there is no -ENOMEM upon an alloc_workqueue failure.(CVE-2019-15924) - A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id131474
    published2019-12-03
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131474
    titleEulerOS Virtualization for ARM 64 3.0.3.0 : kernel (EulerOS-SA-2019-2309)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-2173.NASL
    descriptionThe openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2017-18551: There was an out of bounds write in the function i2c_smbus_xfer_emulated (bnc#1146163). - CVE-2018-20976: A use after free exists, related to xfs_fs_fill_super failure (bnc#1146285). - CVE-2018-21008: A use-after-free can be caused by the function rsi_mac80211_detach in the file drivers/net/wireless/rsi/rsi_91x_mac80211.c (bnc#1149591). - CVE-2019-14814: A heap overflow in mwifiex_set_uap_rates() function of Marvell was fixed. (bnc#1146512). - CVE-2019-14815: A heap overflow in mwifiex_set_wmm_params() function of Marvell Wifi Driver was fixed. (bnc#1146514). - CVE-2019-14816: A heap overflow in mwifiex_update_vs_ie() function of Marvell Wifi Driver was fixed. (bnc#1146516). - CVE-2019-14835: A vhost/vhost_net kernel buffer overflow could lead to guest to host kernel escape during live migration (bnc#1150112). - CVE-2019-15030: In the Linux kernel on the powerpc platform, a local user can read vector registers of other users
    last seen2020-04-01
    modified2019-09-25
    plugin id129339
    published2019-09-25
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129339
    titleopenSUSE Security Update : the Linux Kernel (openSUSE-2019-2173)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-1940.NASL
    descriptionSeveral vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2019-14821 Matt Delco reported a race condition in KVM
    last seen2020-06-01
    modified2020-06-02
    plugin id129505
    published2019-10-02
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129505
    titleDebian DLA-1940-1 : linux-4.9 security update
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-2866.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 7.5 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * A buffer overflow flaw was found in the way Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id129271
    published2019-09-24
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129271
    titleRHEL 7 : kernel (RHSA-2019:2866)
  • NASL familyNewStart CGSL Local Security Checks
    NASL idNEWSTART_CGSL_NS-SA-2019-0189_KERNEL-RT.NASL
    descriptionThe remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel-rt packages installed that are affected by multiple vulnerabilities: - An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory, aka
    last seen2020-03-18
    modified2019-10-15
    plugin id129888
    published2019-10-15
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129888
    titleNewStart CGSL CORE 5.04 / MAIN 5.04 : kernel-rt Multiple Vulnerabilities (NS-SA-2019-0189)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-2863.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * A buffer overflow flaw was found in the way Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id129268
    published2019-09-24
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129268
    titleRHEL 6 : kernel (RHSA-2019:2863)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-2181.NASL
    descriptionThe openSUSE Leap 15.1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2017-18551: There was an out of bounds write in the function i2c_smbus_xfer_emulated (bnc#1146163). - CVE-2018-20976: A use after free exists, related to xfs_fs_fill_super failure (bnc#1146285). - CVE-2018-21008: A use-after-free can be caused by the function rsi_mac80211_detach in the file drivers/net/wireless/rsi/rsi_91x_mac80211.c (bnc#1149591). - CVE-2019-14814, CVE-2019-14815, CVE-2019-14816: Fix three heap-based buffer overflows in marvell wifi chip driver kernel, that allowed local users to cause a denial of service (system crash) or possibly execute arbitrary code. (bnc#1146516 bnc#1146512 bnc#1146514) - CVE-2019-14835: A buffer overflow flaw was found in the way Linux kernel
    last seen2020-04-01
    modified2019-09-25
    plugin id129345
    published2019-09-25
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129345
    titleopenSUSE Security Update : the Linux Kernel (openSUSE-2019-2181)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-1930.NASL
    descriptionSeveral vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2016-10905 A race condition was discovered in the GFS2 file-system implementation, which could lead to a use-after-free. On a system using GFS2, a local attacker could use this for denial of service (memory corruption or crash) or possibly for privilege escalation. CVE-2018-20976 It was discovered that the XFS file-system implementation did not correctly handle some mount failure conditions, which could lead to a use-after-free. The security impact of this is unclear. CVE-2018-21008 It was discovered that the rsi wifi driver did not correctly handle some failure conditions, which could lead to a use-after- free. The security impact of this is unclear. CVE-2019-0136 It was discovered that the wifi soft-MAC implementation (mac80211) did not properly authenticate Tunneled Direct Link Setup (TDLS) messages. A nearby attacker could use this for denial of service (loss of wifi connectivity). CVE-2019-9506 Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen discovered a weakness in the Bluetooth pairing protocols, dubbed the
    last seen2020-06-01
    modified2020-06-02
    plugin id129361
    published2019-09-26
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129361
    titleDebian DLA-1930-1 : linux security update
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-2201.NASL
    descriptionAccording to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.Security Fix(es):An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the functions ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx in the file driverset/wireless/ath/ath6kl/wmi.c.(CVE-2019-15926)An issue was discovered in the Linux kernel before 5.0.6. There is a memory leak issue when idr_alloc() fails in genl_register_family() in netetlink/genetlink.c.(CVE-2019-15921)An issue was discovered in the Linux kernel before 4.20.2. An out-of-bounds access exists in the function build_audio_procunit in the file sound/usb/mixer.c.(CVE-2019-15927)An issue was discovered in the Linux kernel before 5.0.9. There is a use-after-free in atalk_proc_exit, related to net/appletalk/atalk_proc.c, net/appletalk/ddp.c, and net/appletalk/sysctl_net_atalk.c.(CVE-2019-15292)An issue was discovered in fs/xfs/xfs_super.c in the Linux kernel before 4.18. A use after free exists, related to xfs_fs_fill_super failure.(CVE-2018-20976)In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails. This will cause a BUG and denial of service.(CVE-2019-15807)A vulnerability was found in Linux kernel
    last seen2020-05-08
    modified2019-11-08
    plugin id130663
    published2019-11-08
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130663
    titleEulerOS 2.0 SP5 : kernel (EulerOS-SA-2019-2201)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-2867.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * A buffer overflow flaw was found in the way Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id129272
    published2019-09-24
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129272
    titleRHEL 7 : kernel (RHSA-2019:2867)
  • NASL familyOracleVM Local Security Checks
    NASL idORACLEVM_OVMSA-2019-0056.NASL
    descriptionThe remote OracleVM system is missing necessary patches to address critical security updates : - ocfs2: protect extent tree in ocfs2_prepare_inode_for_write (Shuning Zhang) [Orabug: 30036349] - ocfs2: direct-IO: protect get_blocks (Junxiao Bi) [Orabug: 30036349] - SUNRPC: Remove xprt_connect_status (Trond Myklebust) [Orabug: 30165838] - SUNRPC: Handle ENETDOWN errors (Trond Myklebust) [Orabug: 30165838] - vhost: make sure log_num < in_num (yongduan) [Orabug: 30312787] (CVE-2019-14835) - vhost: block speculation of translated descriptors (Michael S. Tsirkin) [Orabug: 30312787] (CVE-2019-14835) - vhost: Fix Spectre V1 vulnerability (Jason Wang) [Orabug: 30312787] - array_index_nospec: Sanitize speculative array de-references (Dan Williams) [Orabug: 30312787] - net: hsr: fix memory leak in hsr_dev_finalize (Mao Wenan) [Orabug: 30444853] (CVE-2019-16995) - ieee802154: enforce CAP_NET_RAW for raw sockets (Ori Nimron) [Orabug: 30444946] (CVE-2019-17053) - mISDN: enforce CAP_NET_RAW for raw sockets (Ori Nimron) [Orabug: 30445158] (CVE-2019-17055) - net: sit: fix memory leak in sit_init_net (Mao Wenan) [Orabug: 30445305] (CVE-2019-16994) - media: dvb: usb: fix use after free in dvb_usb_device_exit (Oliver Neukum) [Orabug: 30490491] (CVE-2019-15213) - media: cpia2_usb: first wake up, then free in disconnect (Oliver Neukum) [Orabug: 30511741] (CVE-2019-15215) - media: usb:zr364xx:Fix KASAN:null-ptr-deref Read in zr364xx_vidioc_querycap (Vandana BN) [Orabug: 30532774] (CVE-2019-15217) - target: Propagate backend read-only to core_tpg_add_lun (Nicholas Bellinger) [Orabug: 30538419] - kvm: mmu: ITLB_MULTIHIT mitigation selection (Kanth Ghatraju) [Orabug: 30539766] - cpu/speculation: Uninline and export CPU mitigations helpers (Kanth Ghatraju) [Orabug: 30539766] - rds: Use correct conn when dropping connections due to cancel (H&aring kon Bugge) [Orabug: 30316058] - rds: ib: Optimize rds_ib_laddr_check (H&aring kon Bugge) [Orabug: 30327671] - rds: Bring loop-back peer down as well (H&aring kon Bugge) [Orabug: 30271704] - rds: ib: Avoid connect retry on loopback connections (H&aring kon Bugge) - rds: ib: Qualify CM REQ duplicate detection with connection being up (H&aring kon Bugge) [Orabug: 30062150] - rds: Further prioritize local loop-back connections (H&aring kon Bugge) - rds: Fix initial zero delay when queuing re-connect work (H&aring kon Bugge) - rds: Re-introduce separate work-queue for local connections (H&aring kon Bugge) [Orabug: 30062150] - rds: Re-factor and avoid superfluous queuing of shutdown work (H&aring kon Bugge) [Orabug: 29994551] - rds: ib: Flush ARP cache when connection attempt is rejected (H&aring kon Bugge) [Orabug: 29994550] - rds: ib: Fix incorrect setting of cp_reconnect_racing (H&aring kon Bugge) - RDMA/cma: Make # CM retries configurable (H&aring kon Bugge) [Orabug: 29994555] - rds: Re-factor and avoid superfluous queuing of reconnect work (H&aring kon Bugge) [Orabug: 29994558] - rds: ib: Correct the cm_id compare commit (H&aring kon Bugge) [Orabug: 29994560] - rds: Increase entropy in hashing (H&aring kon Bugge) [Orabug: 29994561] - rds: ib: Resurrect the CQs instead of delete+create (H&aring kon Bugge) - rds: Avoid queuing superfluous send and recv work (H&aring kon Bugge) - x86/tsx: Add config options to set tsx=on|off|auto (Michal Hocko) [Orabug: 30517133] (CVE-2019-11135) - x86/speculation/taa: Add documentation for TSX Async Abort (Pawan Gupta) [Orabug: 30517133] (CVE-2019-11135) - x86/tsx: Add
    last seen2020-06-01
    modified2020-06-02
    plugin id131208
    published2019-11-22
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131208
    titleOracleVM 3.4 : Unbreakable / etc (OVMSA-2019-0056)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-2865.NASL
    descriptionAn update for kpatch-patch is now available for RHEL-7.6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. Security Fix(es) : * A buffer overflow flaw was found in the way Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id129270
    published2019-09-24
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129270
    titleRHEL 7 : kpatch-patch (RHSA-2019:2865)
  • NASL familyNewStart CGSL Local Security Checks
    NASL idNEWSTART_CGSL_NS-SA-2019-0212_KERNEL.NASL
    descriptionThe remote NewStart CGSL host, running version MAIN 4.06, has kernel packages installed that are affected by multiple vulnerabilities: - In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-113509306. References: Upstream kernel. (CVE-2018-9568) - An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a use-after-free. (CVE-2019-11810) - A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id131776
    published2019-12-06
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131776
    titleNewStart CGSL MAIN 4.06 : kernel Multiple Vulnerabilities (NS-SA-2019-0212)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-2738-1.NASL
    descriptionThe SUSE Linux Enterprise 15 SP1 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2019-14835: A buffer overflow flaw was found in the way Linux kernel
    last seen2020-04-01
    modified2019-10-23
    plugin id130163
    published2019-10-23
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130163
    titleSUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:2738-1)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2019-4850.NASL
    descriptionDescription of changes: [4.1.12-124.33.4.el7uek] - ocfs2: protect extent tree in ocfs2_prepare_inode_for_write() (Shuning Zhang) [Orabug: 30036349] - ocfs2: direct-IO: protect get_blocks (Junxiao Bi) [Orabug: 30036349] - SUNRPC: Remove xprt_connect_status() (Trond Myklebust) [Orabug: 30165838] - SUNRPC: Handle ENETDOWN errors (Trond Myklebust) [Orabug: 30165838] - vhost: make sure log_num < in_num (yongduan) [Orabug: 30312787] {CVE-2019-14835} - vhost: block speculation of translated descriptors (Michael S. Tsirkin) [Orabug: 30312787] {CVE-2019-14835} - vhost: Fix Spectre V1 vulnerability (Jason Wang) [Orabug: 30312787] - array_index_nospec: Sanitize speculative array de-references (Dan Williams) [Orabug: 30312787] - net: hsr: fix memory leak in hsr_dev_finalize() (Mao Wenan) [Orabug: 30444853] {CVE-2019-16995} - ieee802154: enforce CAP_NET_RAW for raw sockets (Ori Nimron) [Orabug: 30444946] {CVE-2019-17053} - mISDN: enforce CAP_NET_RAW for raw sockets (Ori Nimron) [Orabug: 30445158] {CVE-2019-17055} - net: sit: fix memory leak in sit_init_net() (Mao Wenan) [Orabug: 30445305] {CVE-2019-16994} - media: dvb: usb: fix use after free in dvb_usb_device_exit (Oliver Neukum) [Orabug: 30490491] {CVE-2019-15213} - media: cpia2_usb: first wake up, then free in disconnect (Oliver Neukum) [Orabug: 30511741] {CVE-2019-15215} - media: usb:zr364xx:Fix KASAN:null-ptr-deref Read in zr364xx_vidioc_querycap (Vandana BN) [Orabug: 30532774] {CVE-2019-15217} - target: Propagate backend read-only to core_tpg_add_lun (Nicholas Bellinger) [Orabug: 30538419] - kvm: mmu: ITLB_MULTIHIT mitigation selection (Kanth Ghatraju) [Orabug: 30539766] - cpu/speculation: Uninline and export CPU mitigations helpers (Kanth Ghatraju) [Orabug: 30539766] [4.1.12-124.33.3.el7uek] - rds: Use correct conn when dropping connections due to cancel (H&aring kon Bugge) [Orabug: 30316058] - rds: ib: Optimize rds_ib_laddr_check (H&aring kon Bugge) [Orabug: 30327671] - rds: Bring loop-back peer down as well (H&aring kon Bugge) [Orabug: 30271704] - rds: ib: Avoid connect retry on loopback connections (H&aring kon Bugge) [Orabug: 30271704] - rds: ib: Qualify CM REQ duplicate detection with connection being up (H&aring kon Bugge) [Orabug: 30062150] - rds: Further prioritize local loop-back connections (H&aring kon Bugge) [Orabug: 30062150] - rds: Fix initial zero delay when queuing re-connect work (H&aring kon Bugge) [Orabug: 30062150] - rds: Re-introduce separate work-queue for local connections (H&aring kon Bugge) [Orabug: 30062150] - rds: Re-factor and avoid superfluous queuing of shutdown work (H&aring kon Bugge) [Orabug: 29994551] - rds: ib: Flush ARP cache when connection attempt is rejected (H&aring kon Bugge) [Orabug: 29994550] - rds: ib: Fix incorrect setting of cp_reconnect_racing (H&aring kon Bugge) [Orabug: 29994553] - RDMA/cma: Make # CM retries configurable (H&aring kon Bugge) [Orabug: 29994555] - rds: Re-factor and avoid superfluous queuing of reconnect work (H&aring kon Bugge) [Orabug: 29994558] - rds: ib: Correct the cm_id compare commit (H&aring kon Bugge) [Orabug: 29994560] - rds: Increase entropy in hashing (H&aring kon Bugge) [Orabug: 29994561] - rds: ib: Resurrect the CQs instead of delete+create (H&aring kon Bugge) [Orabug: 29994566] - rds: Avoid queuing superfluous send and recv work (H&aring kon Bugge) [Orabug: 29994564] [4.1.12-124.33.2.el7uek] - x86/tsx: Add config options to set tsx=on|off|auto (Michal Hocko) [Orabug: 30517133] {CVE-2019-11135} - x86/speculation/taa: Add documentation for TSX Async Abort (Pawan Gupta) [Orabug: 30517133] {CVE-2019-11135} - x86/tsx: Add
    last seen2020-06-01
    modified2020-06-02
    plugin id131174
    published2019-11-21
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131174
    titleOracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4850)
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2019-1293.NASL
    descriptionAn out-of-bounds access issue was found in the way Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id129407
    published2019-09-30
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129407
    titleAmazon Linux AMI : kernel (ALAS-2019-1293)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20190923_KERNEL_ON_SL6_X.NASL
    descriptionSecurity Fix(es) : - A buffer overflow flaw was found in the way Linux kernel
    last seen2020-03-18
    modified2019-09-24
    plugin id129278
    published2019-09-24
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129278
    titleScientific Linux Security Update : kernel on SL6.x i386/x86_64 (20190923)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-2648-1.NASL
    descriptionThe SUSE Linux Enterprise 12 SP4 for Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2019-15291: There was a NULL pointer dereference caused by a malicious USB device in the flexcop_usb_probe function in the drivers/media/usb/b2c2/flexcop-usb.c driver (bnc#1146540). CVE-2019-14821: An out-of-bounds access issue was found in the way Linux kernel
    last seen2020-04-01
    modified2019-10-14
    plugin id129845
    published2019-10-14
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129845
    titleSUSE SLES12 Security Update : kernel (SUSE-SU-2019:2648-1)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-3200-1.NASL
    descriptionThe SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2019-19081: Fixed a memory leak in the nfp_flower_spawn_vnic_reprs() could have allowed attackers to cause a denial of service (bsc#1157045). CVE-2019-19080: Fixed four memory leaks in the nfp_flower_spawn_phy_reprs() could have allowed attackers to cause a denial of service (bsc#1157044). CVE-2019-19052: Fixed a memory leak in the gs_can_open() which could have led to denial of service (bsc#1157324). CVE-2019-19067: Fixed multiple memory leaks in acp_hw_init (bsc#1157180). CVE-2019-19060: Fixed a memory leak in the adis_update_scan_mode() which could have led to denial of service (bsc#1157178). CVE-2019-19049: Fixed a memory leak in unittest_data_add (bsc#1157173). CVE-2019-19075: Fixed a memory leak in the ca8210_probe() which could have led to denial of service by triggering ca8210_get_platform_data() failures (bsc#1157162). CVE-2019-19058: Fixed a memory leak in the alloc_sgtable() which could have led to denial of service by triggering alloc_page() failures (bsc#1157145). CVE-2019-19074: Fixed a memory leak in the ath9k_wmi_cmd() function which could have led to denial of service (bsc#1157143). CVE-2019-19073: Fixed multiple memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c which could have led to denial of service by triggering wait_for_completion_timeout() failures (bsc#1157070). CVE-2019-19083: Fixed multiple memory leaks in *clock_source_create() functions which could have led to denial of service (bsc#1157049). CVE-2019-19082: Fixed multiple memory leaks in *create_resource_pool() which could have led to denial of service (bsc#1157046). CVE-2019-15916: Fixed a memory leak in register_queue_kobjects() which might have led denial of service (bsc#1149448). CVE-2019-0154: Fixed an improper access control in subsystem for Intel (R) processor graphics whichs may have allowed an authenticated user to potentially enable denial of service via local access (bsc#1135966). CVE-2019-0155: Fixed an improper access control in subsystem for Intel (R) processor graphics whichs may have allowed an authenticated user to potentially enable escalation of privilege via local access (bsc#1135967). CVE-2019-16231: Fixed a NULL pointer dereference due to lack of checking the alloc_workqueue return value (bsc#1150466). CVE-2019-18805: Fixed an integer overflow in tcp_ack_update_rtt() leading to a denial of service or possibly unspecified other impact (bsc#1156187). CVE-2019-17055: Enforced CAP_NET_RAW in the AF_ISDN network module to restrict unprivileged users to create a raw socket (bsc#1152782). CVE-2019-16995: Fixed a memory leak in hsr_dev_finalize() which may have caused denial of service (bsc#1152685). CVE-2019-16233: drivers/scsi/qla2xxx/qla_os.c did not check the alloc_workqueue return value, leading to a NULL pointer dereference. (bsc#1150457). CVE-2019-10220: Added sanity checks on the pathnames passed to the user space. (bsc#1144903) CVE-2019-17666: rtlwifi: Fix potential overflow in P2P code (bsc#1154372). CVE-2019-17056: The AF_NFC network module did not enforce CAP_NET_RAW, which meant that unprivileged users could create a raw socket (bsc#1152788). CVE-2019-14821: An out-of-bounds access issue was fixed in the kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id131833
    published2019-12-09
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131833
    titleSUSE SLES12 Security Update : kernel (SUSE-SU-2019:3200-1)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2020-0093-1.NASL
    descriptionThe SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2019-20095: mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c had some error-handling cases that did not free allocated hostcmd memory. This will cause a memory leak and denial of service (bnc#1159909). CVE-2019-20054: Fixed a a NULL pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c, related to put_links (bnc#1159910). CVE-2019-20096: Fixed a memory leak in __feat_register_sp() in net/dccp/feat.c, which may cause denial of service (bnc#1159908). CVE-2019-19966: Fixed a use-after-free in cpia2_exit() in drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial of service (bnc#1159841). CVE-2019-19447: Mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c, related to dump_orphan_list in fs/ext4/super.c (bnc#1158819). CVE-2019-19319: A setxattr operation, after a mount of a crafted ext4 image, can cause a slab-out-of-bounds write access because of an ext4_xattr_set_entry use-after-free in fs/ext4/xattr.c when a large old_size value is used in a memset call (bnc#1158021). CVE-2019-19767: Fixed mishandling of ext4_expand_extra_isize, as demonstrated by use-after-free errors in __ext4_expand_extra_isize and ext4_xattr_set_entry, related to fs/ext4/inode.c and fs/ext4/super.c (bnc#1159297). CVE-2019-18808: A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c allowed attackers to cause a denial of service (memory consumption) (bnc#1156259). CVE-2019-16746: An issue was discovered in net/wireless/nl80211.c where the length of variable elements in a beacon head were not checked, leading to a buffer overflow (bnc#1152107). CVE-2019-19066: A memory leak in the bfad_im_get_stats() function in drivers/scsi/bfa/bfad_attr.c allowed attackers to cause a denial of service (memory consumption) by triggering bfa_port_get_stats() failures (bnc#1157303). CVE-2019-19051: There was a memory leak in the i2400m_op_rfkill_sw_toggle() function in drivers/net/wimax/i2400m/op-rfkill.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) (bnc#1159024). CVE-2019-19338: There was an incomplete fix for Transaction Asynchronous Abort (TAA) (bnc#1158954). CVE-2019-19332: There was an OOB memory write via kvm_dev_ioctl_get_cpuid (bnc#1158827). CVE-2019-19537: There was a race condition bug that can be caused by a malicious USB device in the USB character device driver layer (bnc#1158904). CVE-2019-19535: There was an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_fd.c driver (bnc#1158903). CVE-2019-19527: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver (bnc#1158900). CVE-2019-19526: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/nfc/pn533/usb.c driver (bnc#1158893). CVE-2019-19533: There was an info-leak bug that can be caused by a malicious USB device in the drivers/media/usb/ttusb-dec/ttusb_dec.c driver (bnc#1158834). CVE-2019-19532: There were multiple out-of-bounds write bugs that can be caused by a malicious USB device in the Linux kernel HID drivers (bnc#1158824). CVE-2019-19523: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/adutux.c driver, aka CID-44efc269db79 (bnc#1158381 1158823 1158834). CVE-2019-15213: There was a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver (bnc#1146544). CVE-2019-19531: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/yurex.c driver (bnc#1158445). CVE-2019-19543: There was a use-after-free in serial_ir_init_module() in drivers/media/rc/serial_ir.c (bnc#1158427). CVE-2019-19525: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/net/ieee802154/atusb.c driver (bnc#1158417). CVE-2019-19530: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver (bnc#1158410). CVE-2019-19536: There was an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_pro.c driver (bnc#1158394). CVE-2019-19524: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver (bnc#1158413). CVE-2019-19528: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/iowarrior.c driver (bnc#1158407). CVE-2019-19534: There was an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver (bnc#1158398). CVE-2019-19529: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcba_usb.c driver (bnc#1158381). CVE-2019-14901: A heap overflow flaw was found in the Linux kernel in Marvell WiFi chip driver. The vulnerability allowed a remote attacker to cause a system crash, resulting in a denial of service, or execute arbitrary code. The highest threat with this vulnerability is with the availability of the system. If code execution occurs, the code will run with the permissions of root. This will affect both confidentiality and integrity of files on the system (bnc#1157042). CVE-2019-14895: A heap-based buffer overflow was discovered in the Linux kernel in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This could have allowed the remote device to cause a denial of service (system crash) or possibly execute arbitrary code (bnc#1157158). CVE-2019-18660: The Linux kernel on powerpc allowed Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs. This is related to arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.c (bnc#1157038). CVE-2019-18683: An issue was discovered in drivers/media/platform/vivid in the Linux kernel. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. There are multiple race conditions during streaming stopping in this driver (part of the V4L2 subsystem). These issues are caused by wrong mutex locking in vivid_stop_generating_vid_cap(), vivid_stop_generating_vid_out(), sdr_cap_stop_streaming(), and the corresponding kthreads. At least one of these race conditions leads to a use-after-free (bnc#1155897). CVE-2019-18809: A memory leak in the af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) (bnc#1156258). CVE-2019-19046: A memory leak in the __ipmi_bmc_register() function in drivers/char/ipmi/ipmi_msghandler.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering ida_simple_get() failure (bnc#1157304). CVE-2019-19078: A memory leak in the ath10k_usb_hif_tx_sg() function in drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures (bnc#1157032). CVE-2019-19062: A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures (bnc#1157333). CVE-2019-19057: Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures (bnc#1157197). CVE-2019-19056: A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures (bnc#1157197). CVE-2019-19068: A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures (bnc#1157307). CVE-2019-19063: Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) (bnc#1157298). CVE-2019-19227: In the AppleTalk subsystem in the Linux kernel there was a potential NULL pointer dereference because register_snap_client may return NULL. This will lead to denial of service in net/appletalk/aarp.c and net/appletalk/ddp.c, as demonstrated by unregister_snap_client (bnc#1157678). CVE-2019-19081: A memory leak in the nfp_flower_spawn_vnic_reprs() function in drivers/net/ethernet/netronome/nfp/flower/main.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) (bnc#1157045). CVE-2019-19080: Four memory leaks in the nfp_flower_spawn_phy_reprs() function in drivers/net/ethernet/netronome/nfp/flower/main.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) (bnc#1157044). CVE-2019-19065: A memory leak in the sdma_init() function in drivers/infiniband/hw/hfi1/sdma.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering rhashtable_init() failures (bnc#1157191). CVE-2019-19077: A memory leak in the bnxt_re_create_srq() function in drivers/infiniband/hw/bnxt_re/ib_verbs.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering copy to udata failures (bnc#1157171). CVE-2019-19052: A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures (bnc#1157324). CVE-2019-19067: Four memory leaks in the acp_hw_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_acp.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering mfd_add_hotplug_devices() or pm_genpd_add_device() failures (bsc#1157180). CVE-2019-19060: A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) (bnc#1157178). CVE-2019-19049: A memory leak in the unittest_data_add() function in drivers/of/unittest.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering of_fdt_unflatten_tree() failures (bsc#1157173). CVE-2019-19075: A memory leak in the ca8210_probe() function in drivers/net/ieee802154/ca8210.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering ca8210_get_platform_data() failures (bnc#1157162). CVE-2019-19058: A memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering alloc_page() failures (bnc#1157145). CVE-2019-19074: A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) (bnc#1157143). CVE-2019-19073: Fixed memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c allowed attackers to cause a denial of service (memory consumption) by triggering wait_for_completion_timeout() failures (bnc#1157070). CVE-2019-19083: Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel allowed attackers to cause a denial of service (memory consumption) (bnc#1157049). CVE-2019-19082: Memory leaks in *create_resource_pool() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel allowed attackers to cause a denial of service (memory consumption) (bnc#1157046). CVE-2019-15916: An issue was discovered in the Linux kernel There was a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which will cause denial of service (bnc#1149448). CVE-2019-0154: Insufficient access control in subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6 and E-2100 Processor Families may have allowed an authenticated user to potentially enable denial of service via local access (bnc#1135966). CVE-2019-0155: Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6, E-2100 and E-2200 Processor Families; Intel(R) Graphics Driver for Windows (DCH) or 26.20.100.6812 and before 21.20.x.5077 (aka15.45.5077), i915 Linux Driver for Intel(R) Processor Graphics before versions 5.4-rc7, 5.3.11, 4.19.84, 4.14.154, 4.9.201, 4.4.201 may have allowed an authenticated user to potentially enable escalation of privilege via local access (bnc#1135967). CVE-2019-16231: drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 did not check the alloc_workqueue return value, leading to a NULL pointer dereference (bnc#1150466). CVE-2019-18805: An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel There was a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_update_rtt() when userspace writes a very large integer to /proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of service or possibly unspecified other impact (bnc#1156187). CVE-2019-17055: base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel did not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket (bnc#1152782). CVE-2019-16995: In the Linux kernel before 5.0.3, a memory leak exits in hsr_dev_finalize() in net/hsr/hsr_device.c if hsr_add_port fails to add a port, which may cause denial of service, aka CID-6caabe7f197d (bnc#1152685). CVE-2019-11135: TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may have allowed an authenticated user to potentially enable information disclosure via a side channel with local access (bnc#1139073). CVE-2019-16233: drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 did not check the alloc_workqueue return value, leading to a NULL pointer dereference (bnc#1150457). CVE-2018-12207: Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may have allowed an authenticated user to potentially enable denial of service of the host system via local access (bnc#1117665). CVE-2019-10220: Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists (bnc#1144903). CVE-2019-17666: rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel lacks a certain upper-bound check, leading to a buffer overflow (bnc#1154372). CVE-2019-16232: drivers/net/wireless/marvell/libertas/if_sdio.c did not check the alloc_workqueue return value, leading to a NULL pointer dereference (bnc#1150465). CVE-2019-16234: drivers/net/wireless/intel/iwlwifi/pcie/trans.c did not check the alloc_workqueue return value, leading to a NULL pointer dereference (bnc#1150452). CVE-2019-17133: cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c did not reject a long SSID IE, leading to a Buffer Overflow (bnc#1153158). CVE-2019-17056: llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel did not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176 (bnc#1152788). CVE-2019-14821: An out-of-bounds access issue was found in the way Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id132925
    published2020-01-15
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/132925
    titleSUSE SLES12 Security Update : kernel (SUSE-SU-2020:0093-1)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-2854.NASL
    descriptionAn update for kpatch-patch is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. Security Fix(es) : * A buffer overflow flaw was found in the way Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id129150
    published2019-09-23
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129150
    titleRHEL 7 : kpatch-patch (RHSA-2019:2854)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-4531.NASL
    descriptionSeveral vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. - CVE-2019-14821 Matt Delco reported a race condition in KVM
    last seen2020-06-01
    modified2020-06-02
    plugin id129306
    published2019-09-25
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129306
    titleDebian DSA-4531-1 : linux - security update
  • NASL familyNewStart CGSL Local Security Checks
    NASL idNEWSTART_CGSL_NS-SA-2019-0253_KERNEL-RT.NASL
    descriptionThe remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has kernel-rt packages installed that are affected by multiple vulnerabilities: - A flaw was found in the Linux kernel
    last seen2020-05-08
    modified2019-12-31
    plugin id132495
    published2019-12-31
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/132495
    titleNewStart CGSL CORE 5.05 / MAIN 5.05 : kernel-rt Multiple Vulnerabilities (NS-SA-2019-0253)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-2889.NASL
    descriptionAn update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The redhat-virtualization-host packages provide the Red Hat Virtualization Host. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host
    last seen2020-06-01
    modified2020-06-02
    plugin id129371
    published2019-09-26
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129371
    titleRHEL 7 : Virtualization Manager (RHSA-2019:2889)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-2984-1.NASL
    descriptionThe SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine Exception during Page Size Change, causing the CPU core to be non-functional. The Linux Kernel kvm hypervisor was adjusted to avoid page size changes in executable pages by splitting / merging huge pages into small pages as needed. More information can be found on https://www.suse.com/support/kb/doc/?id=7023735 CVE-2019-16995: Fix a memory leak in hsr_dev_finalize() if hsr_add_port failed to add a port, which may have caused denial of service (bsc#1152685). CVE-2019-11135: Aborting an asynchronous TSX operation on Intel CPUs with Transactional Memory support could be used to facilitate sidechannel information leaks out of microarchitectural buffers, similar to the previously described
    last seen2020-06-01
    modified2020-06-02
    plugin id131120
    published2019-11-18
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131120
    titleSUSE SLES12 Security Update : kernel (SUSE-SU-2019:2984-1)
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2019-1_0-0252_LINUX.NASL
    descriptionAn update of the linux package has been released.
    last seen2020-06-01
    modified2020-06-02
    plugin id129785
    published2019-10-11
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129785
    titlePhoton OS 1.0: Linux PHSA-2019-1.0-0252
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20190920_KERNEL_ON_SL7_X.NASL
    descriptionSecurity Fix(es) : - A buffer overflow flaw was found in the way Linux kernel
    last seen2020-03-18
    modified2019-09-23
    plugin id129152
    published2019-09-23
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129152
    titleScientific Linux Security Update : kernel on SL7.x x86_64 (20190920)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-2901.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 6.5 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * A buffer overflow flaw was found in the way Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id129374
    published2019-09-26
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129374
    titleRHEL 6 : kernel (RHSA-2019:2901)
  • NASL familyAmazon Linux Local Security Checks
    NASL idAL2_ALAS-2019-1293.NASL
    descriptionAn out-of-bounds access issue was found in the way Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id129392
    published2019-09-27
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129392
    titleAmazon Linux 2 : kernel (ALAS-2019-1293)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-2924.NASL
    descriptionAn update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4.2 for Red Hat Enterprise Linux 7.6 EUS. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host
    last seen2020-06-01
    modified2020-06-02
    plugin id129479
    published2019-10-01
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129479
    titleRHEL 7 : Virtualization Manager (RHSA-2019:2924)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-2414-1.NASL
    descriptionThe SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following new features were implemented : jsc#SLE-4875: [CML] New device IDs for CML jsc#SLE-7294: Add cpufreq driver for Raspberry Pi fate#321840: Reduce memory required to boot capture kernel while using fadump fate#326869: perf: pmu mem_load/store event support fate:327775: vpmem: DRAM backed persistent volumes for improved SAP HANA on POWER restart times The following security bugs were fixed: CVE-2019-14814, CVE-2019-14815, CVE-2019-14816: Fix three heap-based buffer overflows in marvell wifi chip driver kernel, that allowed local users to cause a denial of service (system crash) or possibly execute arbitrary code. (bnc#1146516) CVE-2019-15216: Fix a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver. (bsc#1146361). CVE-2019-14835: Fix QEMU-KVM Guest to Host Kernel Escape. (bsc#1150112). CVE-2019-15924: Fix a NULL pointer dereference because there was no -ENOMEM upon an alloc_workqueue failure. (bsc#1149612). CVE-2019-9456: In Pixel C USB monitor driver there was a possible OOB write due to a missing bounds check. This could have lead to local escalation of privilege with System execution privileges needed. (bsc#1150025 CVE-2019-9456). CVE-2019-15030, CVE-2019-15031: On the powerpc platform, a local user could read vector registers of other users
    last seen2020-04-01
    modified2019-09-23
    plugin id129156
    published2019-09-23
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129156
    titleSUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:2414-1)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2019-4820.NASL
    descriptionThe remote Oracle Linux host is missing a security update for the Unbreakable Enterprise kernel package(s).
    last seen2020-04-01
    modified2019-10-14
    plugin id129841
    published2019-10-14
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129841
    titleOracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2019-4820)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-2829.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * A buffer overflow flaw was found in the way Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id129146
    published2019-09-23
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129146
    titleRHEL 7 : kernel (RHSA-2019:2829)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2019-4789.NASL
    descriptionDescription of changes: [4.14.35-1902.5.2.1.el7uek] - vhost: make sure log_num < in_num (yongduan) [Orabug: 30312787] {CVE-2019-14835} - vhost: block speculation of translated descriptors (Michael S. Tsirkin) [Orabug: 30312787] {CVE-2019-14835} - vhost: Fix Spectre V1 vulnerability (Jason Wang) [Orabug: 30312787]
    last seen2020-06-01
    modified2020-06-02
    plugin id128981
    published2019-09-18
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/128981
    titleOracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2019-4789)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2019-2829.NASL
    descriptionFrom Red Hat Security Advisory 2019:2829 : An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * A buffer overflow flaw was found in the way Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id129138
    published2019-09-23
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129138
    titleOracle Linux 7 : kernel (ELSA-2019-2829)
  • NASL familyNewStart CGSL Local Security Checks
    NASL idNEWSTART_CGSL_NS-SA-2019-0200_KERNEL.NASL
    descriptionThe remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel packages installed that are affected by multiple vulnerabilities: - An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory, aka
    last seen2020-03-18
    modified2019-10-15
    plugin id129924
    published2019-10-15
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129924
    titleNewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2019-0200)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2019-2863.NASL
    descriptionFrom Red Hat Security Advisory 2019:2863 : An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * A buffer overflow flaw was found in the way Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id129263
    published2019-09-24
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129263
    titleOracle Linux 6 : kernel (ELSA-2019-2863)
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2019-1_0-0255_LINUX.NASL
    descriptionAn update of the linux package has been released.
    last seen2020-06-01
    modified2020-06-02
    plugin id129683
    published2019-10-07
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129683
    titlePhoton OS 1.0: Linux PHSA-2019-1.0-0255
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-4135-1.NASL
    descriptionPeter Pi discovered a buffer overflow in the virtio network backend (vhost_net) implementation in the Linux kernel. An attacker in a guest may be able to use this to cause a denial of service (host OS crash) or possibly execute arbitrary code in the host OS. (CVE-2019-14835) It was discovered that the Linux kernel on PowerPC architectures did not properly handle Facility Unavailable exceptions in some situations. A local attacker could use this to expose sensitive information. (CVE-2019-15030) It was discovered that the Linux kernel on PowerPC architectures did not properly handle exceptions on interrupts in some situations. A local attacker could use this to expose sensitive information. (CVE-2019-15031). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id129049
    published2019-09-19
    reporterUbuntu Security Notice (C) 2019 Canonical, Inc. / NASL script (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129049
    titleUbuntu 16.04 LTS / 18.04 LTS / 19.04 : linux, linux-aws, linux-aws-hwe, linux-azure, linux-gcp, (USN-4135-1)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-2613-1.NASL
    descriptionThis update for the Linux Kernel 3.12.74-60_64_107 fixes one issue. The following security issue was fixed : CVE-2019-14835: A buffer overflow flaw was found in the way vhost functionality, that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host (bsc#1151021). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id129748
    published2019-10-09
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129748
    titleSUSE SLES12 Security Update : kernel (SUSE-SU-2019:2613-1)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-2864.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * A buffer overflow flaw was found in the way Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id129269
    published2019-09-24
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129269
    titleRHEL 7 : kernel (RHSA-2019:2864)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-2424-1.NASL
    descriptionThe SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following new features were implemented : jsc#SLE-4875: [CML] New device IDs for CML jsc#SLE-7294: Add cpufreq driver for Raspberry Pi fate#326869: perf: pmu mem_load/store event support fate#327380: KVM: Add hardware CPU Model - kernel part fate#327377: KVM: Support for configurable virtio-crypto fate#327775: vpmem: DRAM backed persistent volumes for improved SAP HANA on POWER restart times fate#326472: Marvell Armada 7K/8K Ethernet (incl. 10G) kernel enablement fate#326416: Hi1620 (Vendor: Huawei): RDMA kernel enablement fate#326415: Hi1620 (Vendor: Huawei): HNS3 (100G) network kernel enablement The following security bugs were fixed: CVE-2019-14835: Fix QEMU-KVM Guest to Host Kernel Escape. (bsc#1150112). CVE-2019-15216: Fix a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver. (bsc#1146361). CVE-2019-15924: Fix a NULL pointer dereference because there was no -ENOMEM upon an alloc_workqueue failure. (bsc#1149612). CVE-2019-9456: In Pixel C USB monitor driver there was a possible OOB write due to a missing bounds check. This could have lead to local escalation of privilege with System execution privileges needed. (bsc#1150025 CVE-2019-9456). CVE-2019-15030, CVE-2019-15031: On the powerpc platform, a local user could read vector registers of other users
    last seen2020-04-01
    modified2019-09-23
    plugin id129157
    published2019-09-23
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129157
    titleSUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:2424-1)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-2862.NASL
    descriptionAn update for kernel-alt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel-alt packages provide the Linux kernel version 4.x. Security Fix(es) : * A buffer overflow flaw was found in the way Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id129267
    published2019-09-24
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129267
    titleRHEL 7 : kernel-alt (RHSA-2019:2862)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-2900.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support, Red Hat Enterprise Linux 7.3 Telco Extended Update Support, and Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * A buffer overflow flaw was found in the way Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id129373
    published2019-09-26
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129373
    titleRHEL 7 : kernel (RHSA-2019:2900)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-2949-1.NASL
    descriptionThe SUSE Linux Enterprise 12-SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine Exception during Page Size Change, causing the CPU core to be non-functional. The Linux Kernel kvm hypervisor was adjusted to avoid page size changes in executable pages by splitting / merging huge pages into small pages as needed. More information can be found on https://www.suse.com/support/kb/doc/?id=7023735 CVE-2019-16995: Fix a memory leak in hsr_dev_finalize() if hsr_add_port failed to add a port, which may have caused denial of service (bsc#1152685). CVE-2019-11135: Aborting an asynchronous TSX operation on Intel CPUs with Transactional Memory support could be used to facilitate sidechannel information leaks out of microarchitectural buffers, similar to the previously described
    last seen2020-06-01
    modified2020-06-02
    plugin id130949
    published2019-11-13
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130949
    titleSUSE SLES12 Security Update : kernel (SUSE-SU-2019:2949-1)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2020-1197.NASL
    descriptionAccording to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. Security Fix(es):An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.(CVE-2019-15213)An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/cpia2/cpia2_usb.c driver.(CVE-2019-15215)An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver.(CVE-2019-15217)An issue was discovered in the Linux kernel before 5.1.8. There is a double-free caused by a malicious USB device in the drivers/usb/misc/rio500.c driver.(CVE-2019-15212)An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver.(CVE-2019-15216)An issue was discovered in drivers/scsi/qedi/qedi_dbg.c in the Linux kernel before 5.1.12. In the qedi_dbg_* family of functions, there is an out-of-bounds read.(CVE-2019-15090)An issue was discovered in the Linux kernel before 5.0.9. There is a NULL pointer dereference for a cd data structure if alloc_disk fails in drivers/block/paride/pf.c.(CVE-2019-15923)An issue was discovered in the Linux kernel before 5.0.10. SMB2_negotiate in fs/cifs/smb2pdu.c has an out-of-bounds read because data structures are incompletely updated after a change from smb30 to smb21.(CVE-2019-15918)An issue was discovered in the Linux kernel before 5.0.9. There is a NULL pointer dereference for a pf data structure if alloc_disk fails in drivers/block/paride/pf.c.(CVE-2019-15922)An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the functions ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx in the file driverset/wireless/ath/ath6kl/wmi.c.(CVE-2019-15926)An issue was discovered in the Linux kernel before 5.0.11. fm10k_init_module in driverset/ethernet/intel/fm10k/fm10k_main.c has a NULL pointer dereference because there is no -ENOMEM upon an alloc_workqueue failure.(CVE-2019-15924)A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel
    last seen2020-04-09
    modified2020-03-13
    plugin id134486
    published2020-03-13
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/134486
    titleEulerOS Virtualization for ARM 64 3.0.2.0 : kernel (EulerOS-SA-2020-1197)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-2601-1.NASL
    descriptionThis update for the Linux Kernel 4.4.121-92_120 fixes several issues. The following security issues were fixed : CVE-2019-14835: A buffer overflow flaw was found in the way vhost functionality, that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host (bsc#1151021). CVE-2018-5390: Fixed a denial of service (
    last seen2020-06-01
    modified2020-06-02
    plugin id129747
    published2019-10-09
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129747
    titleSUSE SLES12 Security Update : kernel (SUSE-SU-2019:2601-1)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-2353.NASL
    descriptionAccording to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.Security Fix(es):The yam_ioctl function in drivers et/hamradio/yam.c in the Linux kernel before 3.12.8 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability for an SIOCYAMGCFG ioctl call.(CVE-2014-1446)The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program.(CVE-2015-1350)A certain backport in the TCP Fast Open implementation for the Linux kernel before 3.18 does not properly maintain a count value, which allow local users to cause a denial of service (system crash) via the Fast Open feature, as demonstrated by visiting the chrome://flags/#enable-tcp-fast-open URL when using certain 3.10.x through 3.16.x kernel builds, including longterm-maintenance releases and ckt (aka Canonical Kernel Team) builds.(CVE-2015-3332)The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data structure, which allows physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device.(CVE-2015-8816)In the Linux kernel before 4.1.4, a buffer overflow occurs when checking userspace params in drivers/media/dvb-frontends/cx24116.c. The maximum size for a DiSEqC command is 6, according to the userspace API. However, the code allows larger values such as 23.(CVE-2015-9289)The create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference or double free, and system crash) via a crafted endpoints value in a USB device descriptor.(CVE-2016-2184)The ati_remote2_probe function in drivers/input/misc/ati_remote2.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.(CVE-2016-2185)The powermate_probe function in drivers/input/misc/powermate.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.(CVE-2016-2186)The gtco_probe function in drivers/input/tablet/gtco.c in the Linux kernel through 4.5.2 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.(CVE-2016-2187)Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (panic) or possibly have unspecified other impact via vectors involving an invalid USB descriptor.(CVE-2016-2384)The treo_attach function in drivers/usb/serial/visor.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a (1) bulk-in or (2) interrupt-in endpoint.(CVE-2016-2782)The acm_probe function in drivers/usb/class/cdc-acm.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both a control and a data endpoint descriptor.(CVE-2016-3138)The wacom_probe function in drivers/input/tablet/wacom_sys.c in the Linux kernel before 3.17 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.(CVE-2016-3139)The digi_port_init function in drivers/usb/serial/digi_acceleport.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.(CVE-2016-3140)The ims_pcu_parse_cdc_data function in drivers/input/misc/ims-pcu.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (system crash) via a USB device without both a master and a slave interface.(CVE-2016-3689)The snd_timer_user_params function in sound/core/timer.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface.(CVE-2016-4569)sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_user_ccallback and (2) snd_timer_user_tinterrupt functions.(CVE-2016-4578)The x25_negotiate_facilities function in net/x25/x25_facilities.c in the Linux kernel before 4.5.5 does not properly initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory via an X.25 Call Request.(CVE-2016-4580)The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel through 4.8.2 does not restrict a certain length field, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflow) via an ARCMSR_MESSAGE_WRITE_WQBUFFER control code.(CVE-2016-7425)The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to more easily manipulate the stack. Linux Kernel version 4.11.5 is affected.(CVE-2017-1000379)In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in nl80211_set_station when user space application sends attribute NL80211_ATTR_LOCAL_MESH_POWER_MODE with data of size less than 4 bytes(CVE-2017-11089)An elevation of privilege vulnerability in the kernel sound timer. Product: Android. Versions: Android kernel. Android ID A-37240993.(CVE-2017-13167)In ashmem_ioctl of ashmem.c, there is an out-of-bounds write due to insufficient locking when accessing asma. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-66954097.(CVE-2017-13216)A information disclosure vulnerability in the Upstream kernel encrypted-keys. Product: Android. Versions: Android kernel. Android ID: A-70526974.(CVE-2017-13305)An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel through 4.12.10 allows local users to cause a denial of service (memory corruption and system crash) by leveraging root access.(CVE-2017-14051)The Serial Attached SCSI (SAS) implementation in the Linux kernel through 4.15.9 mishandles a mutex within libsas, which allows local users to cause a denial of service (deadlock) by triggering certain error-handling code.(CVE-2017-18232)An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land and cause an inet_csk_listen_stop general protection fault, or potentially execute arbitrary code under certain circumstances. The issue can be triggered as root (e.g., inside a default LXC container or with the CAP_NET_ADMIN capability) or after namespace unsharing. This occurs because sk_type and protocol are not checked in the appropriate part of the ip6_mroute_* functions. NOTE: this affects Linux distributions that use 4.9.x longterm kernels before 4.9.187.(CVE-2017-18509)An issue was discovered in drivers/i2c/i2c-core-smbus.c in the Linux kernel before 4.14.15. There is an out of bounds write in the function i2c_smbus_xfer_emulated.(CVE-2017-18551)An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c.(CVE-2017-18595)The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.5 does not check for a zero value of certain levels data, which allows local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic) via a crafted ioctl call for a /dev/dri/renderD* device.(CVE-2017-7261)The KEYS subsystem in the Linux kernel before 4.10.13 allows local users to cause a denial of service (memory consumption) via a series of KEY_REQKEY_DEFL_THREAD_KEYRING keyctl_set_reqkey_keyring calls.(CVE-2017-7472)The kernel_wait4 function in kernel/exit.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service by triggering an attempted use of the -INT_MIN value.(CVE-2018-10087)The kill_something_info function in kernel/signal.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service via an INT_MIN argument.(CVE-2018-10124)The xfs_dinode_verify function in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_ilock_attr_map_shared invalid pointer dereference) via a crafted xfs image.(CVE-2018-10322)The xfs_bmap_extents_to_btree function in fs/xfs/libxfs/xfs_bmap.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_bmapi_write NULL pointer dereference) via a crafted xfs image.(CVE-2018-10323)The do_get_mempolicy function in mm/mempolicy.c in the Linux kernel before 4.12.9 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted system calls.(CVE-2018-10675)Linux kernel is vulnerable to a stack-out-of-bounds write in the ext4 filesystem code when mounting and writing to a crafted ext4 image in ext4_update_inline_data(). An attacker could use this to cause a system crash and a denial of service.(CVE-2018-10880)An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the accounting is int based. This basically makes the accounting values, which are visible to user space via timer_getoverrun(2) and siginfo::si_overrun, random. For example, a local user can cause a denial of service (signed integer overflow) via crafted mmap, futex, timer_create, and timer_settime system calls.(CVE-2018-12896)An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwinding and leak kernel task stack contents.(CVE-2018-17972)An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658.(CVE-2018-18710 )An issue was discovered in the Linux kernel before 4.18.11. The ipddp_ioctl function in drivers et/appletalk/ipddp.c allows local users to obtain sensitive kernel address information by leveraging CAP_NET_ADMIN to read the ipddp_route dev and next fields via an SIOCFINDIPDDPRT ioctl call.(CVE-2018-20511)An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an __blk_drain_queue() use-after-free because a certain error case is mishandled.(CVE-2018-20856)An issue was discovered in fs/xfs/xfs_super.c in the Linux kernel before 4.18. A use after free exists, related to xfs_fs_fill_super failure.(CVE-2018-20976)Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis.(CVE-2018-3693)In the function sbusfb_ioctl_helper() in drivers/video/fbdev/sbuslib.c in the Linux kernel through 4.15, an integer signedness error allows arbitrary information leakage for the FBIOPUTCMAP_SPARC and FBIOGETCMAP_SPARC commands.(CVE-2018-6412)In nfc_llcp_build_sdreq_tlv of llcp_commands.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-73083945.(CVE-2018-9518 )Insufficient access control in the Intel(R) PROSet/Wireless WiFi Software driver before version 21.10 may allow an unauthenticated user to potentially enable denial of service via adjacent access.(CVE-2019-0136)A vulnerability was found in Linux kernel
    last seen2020-05-08
    modified2019-12-10
    plugin id131845
    published2019-12-10
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131845
    titleEulerOS 2.0 SP2 : kernel (EulerOS-SA-2019-2353)
  • NASL familySlackware Local Security Checks
    NASL idSLACKWARE_SSA_2019-311-01.NASL
    descriptionNew kernel packages are available for Slackware 14.2 to fix security issues.
    last seen2020-03-17
    modified2019-11-08
    plugin id130751
    published2019-11-08
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130751
    titleSlackware 14.2 : Slackware 14.2 kernel (SSA:2019-311-01)
  • NASL familyNewStart CGSL Local Security Checks
    NASL idNEWSTART_CGSL_NS-SA-2019-0247_KERNEL.NASL
    descriptionThe remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has kernel packages installed that are affected by multiple vulnerabilities: - A flaw was found in the Linux kernel
    last seen2020-05-08
    modified2019-12-31
    plugin id132474
    published2019-12-31
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/132474
    titleNewStart CGSL CORE 5.05 / MAIN 5.05 : kernel Multiple Vulnerabilities (NS-SA-2019-0247)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2019-E3010166BD.NASL
    descriptionThe 5.2.15 stable kernel update contains a number of important fixes across the tree. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id129033
    published2019-09-19
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129033
    titleFedora 30 : kernel / kernel-headers (2019-e3010166bd)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-2081.NASL
    descriptionAccording to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.Security Fix(es):An issue was discovered in the Linux kernel before 5.1.8. There is a double-free caused by a malicious USB device in the drivers/usb/misc/rio500.c driver.(CVE-2019-15212)An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.(CVE-2019-15213)An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/cpia2/cpia2_usb.c driver.(CVE-2019-15215)An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver.(CVE-2019-15216)An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver.(CVE-2019-15217)An issue was discovered in drivers/scsi/qedi/qedi_dbg.c in the Linux kernel before 5.1.12. In the qedi_dbg_* family of functions, there is an out-of-bounds read.(CVE-2019-15090)In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users
    last seen2020-05-03
    modified2019-09-30
    plugin id129440
    published2019-09-30
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129440
    titleEulerOS 2.0 SP8 : kernel (EulerOS-SA-2019-2081)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2019-2863.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * A buffer overflow flaw was found in the way Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id129471
    published2019-10-01
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129471
    titleCentOS 6 : kernel (CESA-2019:2863)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-2412-1.NASL
    descriptionThe SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. The following new features were implemented : jsc#SLE-4875: [CML] New device IDs for CML jsc#SLE-7294: Add cpufreq driver for Raspberry Pi fate#322438: Integrate P9 XIVE support (on PowerVM only) fate#322447: Add memory protection keys (MPK) support on POWER (on PowerVM only) fate#322448, fate#321438: P9 hardware counter (performance counters) support (on PowerVM only) fate#325306, fate#321840: Reduce memory required to boot capture kernel while using fadump fate#326869: perf: pmu mem_load/store event support The following security bugs were fixed: CVE-2017-18551: There was an out of bounds write in the function i2c_smbus_xfer_emulated. (bsc#1146163). CVE-2018-20976: A use after free existed, related to xfs_fs_fill_super failure. (bsc#1146285) CVE-2018-21008: A use-after-free can be caused by the function rsi_mac80211_detach (bsc#1149591). CVE-2019-9456: In Pixel C USB monitor driver there was a possible OOB write due to a missing bounds check. This could have lead to local escalation of privilege with System execution privileges needed. (bsc#1150025 CVE-2019-9456). CVE-2019-10207: Fix a NULL pointer dereference in hci_uart bluetooth driver (bsc#1142857 bsc#1123959). CVE-2019-14814, CVE-2019-14815, CVE-2019-14816: Fix three heap-based buffer overflows in marvell wifi chip driver kernel, that allowed local users to cause a denial of service (system crash) or possibly execute arbitrary code. (bnc#1146516) CVE-2019-14835: Fix QEMU-KVM Guest to Host Kernel Escape. (bsc#1150112). CVE-2019-15030, CVE-2019-15031: On the powerpc platform, a local user could read vector registers of other users
    last seen2020-04-01
    modified2019-09-23
    plugin id129154
    published2019-09-23
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129154
    titleSUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2019:2412-1)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-2274.NASL
    descriptionAccording to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.Security Fix(es):Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.(CVE-2017-5754)The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allows remote attackers to have unspecified impact via vectors involving GRE flags in an IPv6 packet, which trigger an out-of-bounds access.(CVE-2017-5897)The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.5 does not check for a zero value of certain levels data, which allows local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic) via a crafted ioctl call for a /dev/dri/renderD* device.(CVE-2017-7261)The KEYS subsystem in the Linux kernel before 4.10.13 allows local users to cause a denial of service (memory consumption) via a series of KEY_REQKEY_DEFL_THREAD_KEYRING keyctl_set_reqkey_keyring calls.(CVE-2017-7472)A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(#DB) being raised in the guest stack. A user/process inside a guest could use this flaw to potentially escalate their privileges inside the guest. Linux guests are not affected by this.(CVE-2017-7518)The kill_something_info function in kernel/signal.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service via an INT_MIN argument.(CVE-2018-10124)The xfs_bmap_extents_to_btree function in fs/xfs/libxfs/xfs_bmap.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_bmapi_write NULL pointer dereference) via a crafted xfs image.(CVE-2018-10323)The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP setup negotiation response is mishandled during session recovery.(CVE-2018-1066)The do_get_mempolicy function in mm/mempolicy.c in the Linux kernel before 4.12.9 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted system calls.(CVE-2018-10675)An issue was discovered in fs/xfs/libxfs/xfs_attr_leaf.c in the Linux kernel through 4.17.3. An OOPS may occur for a corrupted xfs image after xfs_da_shrink_inode() is called with a NULL bp.(CVE-2018-13094)An issue was discovered in fs/xfs/xfs_super.c in the Linux kernel before 4.18. A use after free exists, related to xfs_fs_fill_super failure.(CVE-2018-20976)Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis.(CVE-2018-3693)In the function sbusfb_ioctl_helper() in drivers/video/fbdev/sbuslib.c in the Linux kernel through 4.15, an integer signedness error allows arbitrary information leakage for the FBIOPUTCMAP_SPARC and FBIOGETCMAP_SPARC commands.(CVE-2018-6412)Race condition in the store_int_with_restart() function in arch/x86/kernel/cpu/mcheck/mce.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (panic) by leveraging root access to write to the check_interval file in a /sys/devices/system/machinecheck/machinecheck directory. NOTE: a third party has indicated that this report is not security relevant.(CVE-2018-7995)In the hidp_process_report in bluetooth, there is an integer overflow. This could lead to an out of bounds write with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-65853588 References: Upstream kernel.(CVE-2018-9363)In nfc_llcp_build_sdreq_tlv of llcp_commands.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-73083945.(CVE-2018-9518)A vulnerability was found in Linux kernel
    last seen2020-05-08
    modified2019-11-08
    plugin id130736
    published2019-11-08
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130736
    titleEulerOS 2.0 SP3 : kernel (EulerOS-SA-2019-2274)
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2019-3_0-0034_LINUX.NASL
    descriptionAn update of the linux package has been released.
    last seen2020-06-01
    modified2020-06-02
    plugin id130120
    published2019-10-22
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130120
    titlePhoton OS 3.0: Linux PHSA-2019-3.0-0034

Redhat

advisories
  • bugzilla
    id1750727
    titleCVE-2019-14835 kernel: vhost-net: guest to host kernel escape during migration
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 8 is installed
        ovaloval:com.redhat.rhba:tst:20193384074
      • OR
        • commentkernel earlier than 0:4.18.0-80.11.2.el8_0 is currently running
          ovaloval:com.redhat.rhsa:tst:20192827051
        • commentkernel earlier than 0:4.18.0-80.11.2.el8_0 is set to boot up on next boot
          ovaloval:com.redhat.rhsa:tst:20192827052
      • OR
        • AND
          • commentkernel-doc is earlier than 0:4.18.0-80.11.2.el8_0
            ovaloval:com.redhat.rhsa:tst:20192827001
          • commentkernel-doc is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842002
        • AND
          • commentkernel-abi-whitelists is earlier than 0:4.18.0-80.11.2.el8_0
            ovaloval:com.redhat.rhsa:tst:20192827003
          • commentkernel-abi-whitelists is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20131645022
        • AND
          • commentpython3-perf is earlier than 0:4.18.0-80.11.2.el8_0
            ovaloval:com.redhat.rhsa:tst:20192827005
          • commentpython3-perf is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167024
        • AND
          • commentperf is earlier than 0:4.18.0-80.11.2.el8_0
            ovaloval:com.redhat.rhsa:tst:20192827007
          • commentperf is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842006
        • AND
          • commentkernel-tools-libs is earlier than 0:4.18.0-80.11.2.el8_0
            ovaloval:com.redhat.rhsa:tst:20192827009
          • commentkernel-tools-libs is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20140678016
        • AND
          • commentkernel-tools is earlier than 0:4.18.0-80.11.2.el8_0
            ovaloval:com.redhat.rhsa:tst:20192827011
          • commentkernel-tools is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20140678012
        • AND
          • commentkernel-modules-extra is earlier than 0:4.18.0-80.11.2.el8_0
            ovaloval:com.redhat.rhsa:tst:20192827013
          • commentkernel-modules-extra is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167016
        • AND
          • commentkernel-modules is earlier than 0:4.18.0-80.11.2.el8_0
            ovaloval:com.redhat.rhsa:tst:20192827015
          • commentkernel-modules is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167044
        • AND
          • commentkernel-headers is earlier than 0:4.18.0-80.11.2.el8_0
            ovaloval:com.redhat.rhsa:tst:20192827017
          • commentkernel-headers is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842010
        • AND
          • commentkernel-devel is earlier than 0:4.18.0-80.11.2.el8_0
            ovaloval:com.redhat.rhsa:tst:20192827019
          • commentkernel-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842016
        • AND
          • commentkernel-debug-modules-extra is earlier than 0:4.18.0-80.11.2.el8_0
            ovaloval:com.redhat.rhsa:tst:20192827021
          • commentkernel-debug-modules-extra is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167010
        • AND
          • commentkernel-debug-modules is earlier than 0:4.18.0-80.11.2.el8_0
            ovaloval:com.redhat.rhsa:tst:20192827023
          • commentkernel-debug-modules is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167018
        • AND
          • commentkernel-debug-devel is earlier than 0:4.18.0-80.11.2.el8_0
            ovaloval:com.redhat.rhsa:tst:20192827025
          • commentkernel-debug-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842008
        • AND
          • commentkernel-debug-core is earlier than 0:4.18.0-80.11.2.el8_0
            ovaloval:com.redhat.rhsa:tst:20192827027
          • commentkernel-debug-core is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167026
        • AND
          • commentkernel-debug is earlier than 0:4.18.0-80.11.2.el8_0
            ovaloval:com.redhat.rhsa:tst:20192827029
          • commentkernel-debug is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842014
        • AND
          • commentkernel-cross-headers is earlier than 0:4.18.0-80.11.2.el8_0
            ovaloval:com.redhat.rhsa:tst:20192827031
          • commentkernel-cross-headers is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167046
        • AND
          • commentkernel-core is earlier than 0:4.18.0-80.11.2.el8_0
            ovaloval:com.redhat.rhsa:tst:20192827033
          • commentkernel-core is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167036
        • AND
          • commentkernel is earlier than 0:4.18.0-80.11.2.el8_0
            ovaloval:com.redhat.rhsa:tst:20192827035
          • commentkernel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842012
        • AND
          • commentbpftool is earlier than 0:4.18.0-80.11.2.el8_0
            ovaloval:com.redhat.rhsa:tst:20192827037
          • commentbpftool is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20183083026
        • AND
          • commentkernel-zfcpdump-modules-extra is earlier than 0:4.18.0-80.11.2.el8_0
            ovaloval:com.redhat.rhsa:tst:20192827039
          • commentkernel-zfcpdump-modules-extra is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167014
        • AND
          • commentkernel-zfcpdump-modules is earlier than 0:4.18.0-80.11.2.el8_0
            ovaloval:com.redhat.rhsa:tst:20192827041
          • commentkernel-zfcpdump-modules is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167020
        • AND
          • commentkernel-zfcpdump-devel is earlier than 0:4.18.0-80.11.2.el8_0
            ovaloval:com.redhat.rhsa:tst:20192827043
          • commentkernel-zfcpdump-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167038
        • AND
          • commentkernel-zfcpdump-core is earlier than 0:4.18.0-80.11.2.el8_0
            ovaloval:com.redhat.rhsa:tst:20192827045
          • commentkernel-zfcpdump-core is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167006
        • AND
          • commentkernel-zfcpdump is earlier than 0:4.18.0-80.11.2.el8_0
            ovaloval:com.redhat.rhsa:tst:20192827047
          • commentkernel-zfcpdump is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167008
        • AND
          • commentkernel-tools-libs-devel is earlier than 0:4.18.0-80.11.2.el8_0
            ovaloval:com.redhat.rhsa:tst:20192827049
          • commentkernel-tools-libs-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20140678022
    rhsa
    idRHSA-2019:2827
    released2019-09-20
    severityImportant
    titleRHSA-2019:2827: kernel security update (Important)
  • bugzilla
    id1750727
    titleCVE-2019-14835 kernel: vhost-net: guest to host kernel escape during migration
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 8 is installed
        ovaloval:com.redhat.rhba:tst:20193384074
      • OR
        • AND
          • commentkernel-rt-modules-extra is earlier than 0:4.18.0-80.11.2.rt9.157.el8_0
            ovaloval:com.redhat.rhsa:tst:20192828001
          • commentkernel-rt-modules-extra is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191174008
        • AND
          • commentkernel-rt-modules is earlier than 0:4.18.0-80.11.2.rt9.157.el8_0
            ovaloval:com.redhat.rhsa:tst:20192828003
          • commentkernel-rt-modules is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191174020
        • AND
          • commentkernel-rt-devel is earlier than 0:4.18.0-80.11.2.rt9.157.el8_0
            ovaloval:com.redhat.rhsa:tst:20192828005
          • commentkernel-rt-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20150727012
        • AND
          • commentkernel-rt-debug-modules-extra is earlier than 0:4.18.0-80.11.2.rt9.157.el8_0
            ovaloval:com.redhat.rhsa:tst:20192828007
          • commentkernel-rt-debug-modules-extra is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191174016
        • AND
          • commentkernel-rt-debug-modules is earlier than 0:4.18.0-80.11.2.rt9.157.el8_0
            ovaloval:com.redhat.rhsa:tst:20192828009
          • commentkernel-rt-debug-modules is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191174010
        • AND
          • commentkernel-rt-debug-devel is earlier than 0:4.18.0-80.11.2.rt9.157.el8_0
            ovaloval:com.redhat.rhsa:tst:20192828011
          • commentkernel-rt-debug-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20150727010
        • AND
          • commentkernel-rt-debug-core is earlier than 0:4.18.0-80.11.2.rt9.157.el8_0
            ovaloval:com.redhat.rhsa:tst:20192828013
          • commentkernel-rt-debug-core is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191174022
        • AND
          • commentkernel-rt-debug is earlier than 0:4.18.0-80.11.2.rt9.157.el8_0
            ovaloval:com.redhat.rhsa:tst:20192828015
          • commentkernel-rt-debug is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20150727014
        • AND
          • commentkernel-rt-core is earlier than 0:4.18.0-80.11.2.rt9.157.el8_0
            ovaloval:com.redhat.rhsa:tst:20192828017
          • commentkernel-rt-core is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191174006
        • AND
          • commentkernel-rt is earlier than 0:4.18.0-80.11.2.rt9.157.el8_0
            ovaloval:com.redhat.rhsa:tst:20192828019
          • commentkernel-rt is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20150727006
        • AND
          • commentkernel-rt-kvm is earlier than 0:4.18.0-80.11.2.rt9.157.el8_0
            ovaloval:com.redhat.rhsa:tst:20192828021
          • commentkernel-rt-kvm is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20160212018
        • AND
          • commentkernel-rt-debug-kvm is earlier than 0:4.18.0-80.11.2.rt9.157.el8_0
            ovaloval:com.redhat.rhsa:tst:20192828023
          • commentkernel-rt-debug-kvm is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20160212020
    rhsa
    idRHSA-2019:2828
    released2019-09-20
    severityImportant
    titleRHSA-2019:2828: kernel-rt security update (Important)
  • bugzilla
    id1750727
    titleCVE-2019-14835 kernel: vhost-net: guest to host kernel escape during migration
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 7 is installed
        ovaloval:com.redhat.rhba:tst:20150364027
      • OR
        • commentkernel earlier than 0:3.10.0-1062.1.2.el7 is currently running
          ovaloval:com.redhat.rhsa:tst:20192829033
        • commentkernel earlier than 0:3.10.0-1062.1.2.el7 is set to boot up on next boot
          ovaloval:com.redhat.rhsa:tst:20192829034
      • OR
        • AND
          • commentkernel-tools-libs-devel is earlier than 0:3.10.0-1062.1.2.el7
            ovaloval:com.redhat.rhsa:tst:20192829001
          • commentkernel-tools-libs-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20140678022
        • AND
          • commentkernel-doc is earlier than 0:3.10.0-1062.1.2.el7
            ovaloval:com.redhat.rhsa:tst:20192829003
          • commentkernel-doc is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842002
        • AND
          • commentkernel-abi-whitelists is earlier than 0:3.10.0-1062.1.2.el7
            ovaloval:com.redhat.rhsa:tst:20192829005
          • commentkernel-abi-whitelists is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20131645022
        • AND
          • commentpython-perf is earlier than 0:3.10.0-1062.1.2.el7
            ovaloval:com.redhat.rhsa:tst:20192829007
          • commentpython-perf is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20111530024
        • AND
          • commentperf is earlier than 0:3.10.0-1062.1.2.el7
            ovaloval:com.redhat.rhsa:tst:20192829009
          • commentperf is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842006
        • AND
          • commentkernel-tools-libs is earlier than 0:3.10.0-1062.1.2.el7
            ovaloval:com.redhat.rhsa:tst:20192829011
          • commentkernel-tools-libs is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20140678016
        • AND
          • commentkernel-tools is earlier than 0:3.10.0-1062.1.2.el7
            ovaloval:com.redhat.rhsa:tst:20192829013
          • commentkernel-tools is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20140678012
        • AND
          • commentkernel-headers is earlier than 0:3.10.0-1062.1.2.el7
            ovaloval:com.redhat.rhsa:tst:20192829015
          • commentkernel-headers is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842010
        • AND
          • commentkernel-devel is earlier than 0:3.10.0-1062.1.2.el7
            ovaloval:com.redhat.rhsa:tst:20192829017
          • commentkernel-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842016
        • AND
          • commentkernel-debug-devel is earlier than 0:3.10.0-1062.1.2.el7
            ovaloval:com.redhat.rhsa:tst:20192829019
          • commentkernel-debug-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842008
        • AND
          • commentkernel-debug is earlier than 0:3.10.0-1062.1.2.el7
            ovaloval:com.redhat.rhsa:tst:20192829021
          • commentkernel-debug is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842014
        • AND
          • commentkernel is earlier than 0:3.10.0-1062.1.2.el7
            ovaloval:com.redhat.rhsa:tst:20192829023
          • commentkernel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842012
        • AND
          • commentbpftool is earlier than 0:3.10.0-1062.1.2.el7
            ovaloval:com.redhat.rhsa:tst:20192829025
          • commentbpftool is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20183083026
        • AND
          • commentkernel-bootwrapper is earlier than 0:3.10.0-1062.1.2.el7
            ovaloval:com.redhat.rhsa:tst:20192829027
          • commentkernel-bootwrapper is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842018
        • AND
          • commentkernel-kdump-devel is earlier than 0:3.10.0-1062.1.2.el7
            ovaloval:com.redhat.rhsa:tst:20192829029
          • commentkernel-kdump-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842022
        • AND
          • commentkernel-kdump is earlier than 0:3.10.0-1062.1.2.el7
            ovaloval:com.redhat.rhsa:tst:20192829031
          • commentkernel-kdump is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842020
    rhsa
    idRHSA-2019:2829
    released2019-09-20
    severityImportant
    titleRHSA-2019:2829: kernel security update (Important)
  • bugzilla
    id1750727
    titleCVE-2019-14835 kernel: vhost-net: guest to host kernel escape during migration
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 7 is installed
        ovaloval:com.redhat.rhba:tst:20150364027
      • OR
        • AND
          • commentkernel-rt-doc is earlier than 0:3.10.0-1062.1.2.rt56.1025.el7
            ovaloval:com.redhat.rhsa:tst:20192830001
          • commentkernel-rt-doc is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20150727002
        • AND
          • commentkernel-rt-trace-devel is earlier than 0:3.10.0-1062.1.2.rt56.1025.el7
            ovaloval:com.redhat.rhsa:tst:20192830003
          • commentkernel-rt-trace-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20150727004
        • AND
          • commentkernel-rt-trace is earlier than 0:3.10.0-1062.1.2.rt56.1025.el7
            ovaloval:com.redhat.rhsa:tst:20192830005
          • commentkernel-rt-trace is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20150727008
        • AND
          • commentkernel-rt-devel is earlier than 0:3.10.0-1062.1.2.rt56.1025.el7
            ovaloval:com.redhat.rhsa:tst:20192830007
          • commentkernel-rt-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20150727012
        • AND
          • commentkernel-rt-debug-devel is earlier than 0:3.10.0-1062.1.2.rt56.1025.el7
            ovaloval:com.redhat.rhsa:tst:20192830009
          • commentkernel-rt-debug-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20150727010
        • AND
          • commentkernel-rt-debug is earlier than 0:3.10.0-1062.1.2.rt56.1025.el7
            ovaloval:com.redhat.rhsa:tst:20192830011
          • commentkernel-rt-debug is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20150727014
        • AND
          • commentkernel-rt is earlier than 0:3.10.0-1062.1.2.rt56.1025.el7
            ovaloval:com.redhat.rhsa:tst:20192830013
          • commentkernel-rt is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20150727006
        • AND
          • commentkernel-rt-trace-kvm is earlier than 0:3.10.0-1062.1.2.rt56.1025.el7
            ovaloval:com.redhat.rhsa:tst:20192830015
          • commentkernel-rt-trace-kvm is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20160212016
        • AND
          • commentkernel-rt-kvm is earlier than 0:3.10.0-1062.1.2.rt56.1025.el7
            ovaloval:com.redhat.rhsa:tst:20192830017
          • commentkernel-rt-kvm is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20160212018
        • AND
          • commentkernel-rt-debug-kvm is earlier than 0:3.10.0-1062.1.2.rt56.1025.el7
            ovaloval:com.redhat.rhsa:tst:20192830019
          • commentkernel-rt-debug-kvm is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20160212020
    rhsa
    idRHSA-2019:2830
    released2019-09-20
    severityImportant
    titleRHSA-2019:2830: kernel-rt security update (Important)
  • bugzilla
    id1750727
    titleCVE-2019-14835 kernel: vhost-net: guest to host kernel escape during migration
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 6 is installed
        ovaloval:com.redhat.rhba:tst:20111656003
      • OR
        • commentkernel earlier than 0:2.6.32-754.23.1.el6 is currently running
          ovaloval:com.redhat.rhsa:tst:20192863027
        • commentkernel earlier than 0:2.6.32-754.23.1.el6 is set to boot up on next boot
          ovaloval:com.redhat.rhsa:tst:20192863028
      • OR
        • AND
          • commentkernel-firmware is earlier than 0:2.6.32-754.23.1.el6
            ovaloval:com.redhat.rhsa:tst:20192863001
          • commentkernel-firmware is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842004
        • AND
          • commentkernel-doc is earlier than 0:2.6.32-754.23.1.el6
            ovaloval:com.redhat.rhsa:tst:20192863003
          • commentkernel-doc is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842002
        • AND
          • commentkernel-abi-whitelists is earlier than 0:2.6.32-754.23.1.el6
            ovaloval:com.redhat.rhsa:tst:20192863005
          • commentkernel-abi-whitelists is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20131645022
        • AND
          • commentperf is earlier than 0:2.6.32-754.23.1.el6
            ovaloval:com.redhat.rhsa:tst:20192863007
          • commentperf is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842006
        • AND
          • commentkernel-headers is earlier than 0:2.6.32-754.23.1.el6
            ovaloval:com.redhat.rhsa:tst:20192863009
          • commentkernel-headers is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842010
        • AND
          • commentkernel-devel is earlier than 0:2.6.32-754.23.1.el6
            ovaloval:com.redhat.rhsa:tst:20192863011
          • commentkernel-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842016
        • AND
          • commentkernel-debug-devel is earlier than 0:2.6.32-754.23.1.el6
            ovaloval:com.redhat.rhsa:tst:20192863013
          • commentkernel-debug-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842008
        • AND
          • commentkernel-debug is earlier than 0:2.6.32-754.23.1.el6
            ovaloval:com.redhat.rhsa:tst:20192863015
          • commentkernel-debug is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842014
        • AND
          • commentkernel is earlier than 0:2.6.32-754.23.1.el6
            ovaloval:com.redhat.rhsa:tst:20192863017
          • commentkernel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842012
        • AND
          • commentpython-perf is earlier than 0:2.6.32-754.23.1.el6
            ovaloval:com.redhat.rhsa:tst:20192863019
          • commentpython-perf is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20111530024
        • AND
          • commentkernel-bootwrapper is earlier than 0:2.6.32-754.23.1.el6
            ovaloval:com.redhat.rhsa:tst:20192863021
          • commentkernel-bootwrapper is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842018
        • AND
          • commentkernel-kdump-devel is earlier than 0:2.6.32-754.23.1.el6
            ovaloval:com.redhat.rhsa:tst:20192863023
          • commentkernel-kdump-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842022
        • AND
          • commentkernel-kdump is earlier than 0:2.6.32-754.23.1.el6
            ovaloval:com.redhat.rhsa:tst:20192863025
          • commentkernel-kdump is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842020
    rhsa
    idRHSA-2019:2863
    released2019-09-23
    severityImportant
    titleRHSA-2019:2863: kernel security update (Important)
  • rhsa
    idRHBA-2019:2824
  • rhsa
    idRHSA-2019:2854
  • rhsa
    idRHSA-2019:2862
  • rhsa
    idRHSA-2019:2864
  • rhsa
    idRHSA-2019:2865
  • rhsa
    idRHSA-2019:2866
  • rhsa
    idRHSA-2019:2867
  • rhsa
    idRHSA-2019:2869
  • rhsa
    idRHSA-2019:2889
  • rhsa
    idRHSA-2019:2899
  • rhsa
    idRHSA-2019:2900
  • rhsa
    idRHSA-2019:2901
  • rhsa
    idRHSA-2019:2924
rpms
  • bpftool-0:4.18.0-80.11.2.el8_0
  • bpftool-debuginfo-0:4.18.0-80.11.2.el8_0
  • kernel-0:4.18.0-80.11.2.el8_0
  • kernel-abi-whitelists-0:4.18.0-80.11.2.el8_0
  • kernel-core-0:4.18.0-80.11.2.el8_0
  • kernel-cross-headers-0:4.18.0-80.11.2.el8_0
  • kernel-debug-0:4.18.0-80.11.2.el8_0
  • kernel-debug-core-0:4.18.0-80.11.2.el8_0
  • kernel-debug-debuginfo-0:4.18.0-80.11.2.el8_0
  • kernel-debug-devel-0:4.18.0-80.11.2.el8_0
  • kernel-debug-modules-0:4.18.0-80.11.2.el8_0
  • kernel-debug-modules-extra-0:4.18.0-80.11.2.el8_0
  • kernel-debuginfo-0:4.18.0-80.11.2.el8_0
  • kernel-debuginfo-common-aarch64-0:4.18.0-80.11.2.el8_0
  • kernel-debuginfo-common-ppc64le-0:4.18.0-80.11.2.el8_0
  • kernel-debuginfo-common-s390x-0:4.18.0-80.11.2.el8_0
  • kernel-debuginfo-common-x86_64-0:4.18.0-80.11.2.el8_0
  • kernel-devel-0:4.18.0-80.11.2.el8_0
  • kernel-doc-0:4.18.0-80.11.2.el8_0
  • kernel-headers-0:4.18.0-80.11.2.el8_0
  • kernel-modules-0:4.18.0-80.11.2.el8_0
  • kernel-modules-extra-0:4.18.0-80.11.2.el8_0
  • kernel-tools-0:4.18.0-80.11.2.el8_0
  • kernel-tools-debuginfo-0:4.18.0-80.11.2.el8_0
  • kernel-tools-libs-0:4.18.0-80.11.2.el8_0
  • kernel-tools-libs-devel-0:4.18.0-80.11.2.el8_0
  • kernel-zfcpdump-0:4.18.0-80.11.2.el8_0
  • kernel-zfcpdump-core-0:4.18.0-80.11.2.el8_0
  • kernel-zfcpdump-debuginfo-0:4.18.0-80.11.2.el8_0
  • kernel-zfcpdump-devel-0:4.18.0-80.11.2.el8_0
  • kernel-zfcpdump-modules-0:4.18.0-80.11.2.el8_0
  • kernel-zfcpdump-modules-extra-0:4.18.0-80.11.2.el8_0
  • perf-0:4.18.0-80.11.2.el8_0
  • perf-debuginfo-0:4.18.0-80.11.2.el8_0
  • python3-perf-0:4.18.0-80.11.2.el8_0
  • python3-perf-debuginfo-0:4.18.0-80.11.2.el8_0
  • kernel-rt-0:4.18.0-80.11.2.rt9.157.el8_0
  • kernel-rt-core-0:4.18.0-80.11.2.rt9.157.el8_0
  • kernel-rt-debug-0:4.18.0-80.11.2.rt9.157.el8_0
  • kernel-rt-debug-core-0:4.18.0-80.11.2.rt9.157.el8_0
  • kernel-rt-debug-debuginfo-0:4.18.0-80.11.2.rt9.157.el8_0
  • kernel-rt-debug-devel-0:4.18.0-80.11.2.rt9.157.el8_0
  • kernel-rt-debug-kvm-0:4.18.0-80.11.2.rt9.157.el8_0
  • kernel-rt-debug-kvm-debuginfo-0:4.18.0-80.11.2.rt9.157.el8_0
  • kernel-rt-debug-modules-0:4.18.0-80.11.2.rt9.157.el8_0
  • kernel-rt-debug-modules-extra-0:4.18.0-80.11.2.rt9.157.el8_0
  • kernel-rt-debuginfo-0:4.18.0-80.11.2.rt9.157.el8_0
  • kernel-rt-debuginfo-common-x86_64-0:4.18.0-80.11.2.rt9.157.el8_0
  • kernel-rt-devel-0:4.18.0-80.11.2.rt9.157.el8_0
  • kernel-rt-kvm-0:4.18.0-80.11.2.rt9.157.el8_0
  • kernel-rt-kvm-debuginfo-0:4.18.0-80.11.2.rt9.157.el8_0
  • kernel-rt-modules-0:4.18.0-80.11.2.rt9.157.el8_0
  • kernel-rt-modules-extra-0:4.18.0-80.11.2.rt9.157.el8_0
  • bpftool-0:3.10.0-1062.1.2.el7
  • bpftool-debuginfo-0:3.10.0-1062.1.2.el7
  • kernel-0:3.10.0-1062.1.2.el7
  • kernel-abi-whitelists-0:3.10.0-1062.1.2.el7
  • kernel-bootwrapper-0:3.10.0-1062.1.2.el7
  • kernel-debug-0:3.10.0-1062.1.2.el7
  • kernel-debug-debuginfo-0:3.10.0-1062.1.2.el7
  • kernel-debug-devel-0:3.10.0-1062.1.2.el7
  • kernel-debuginfo-0:3.10.0-1062.1.2.el7
  • kernel-debuginfo-common-ppc64-0:3.10.0-1062.1.2.el7
  • kernel-debuginfo-common-ppc64le-0:3.10.0-1062.1.2.el7
  • kernel-debuginfo-common-s390x-0:3.10.0-1062.1.2.el7
  • kernel-debuginfo-common-x86_64-0:3.10.0-1062.1.2.el7
  • kernel-devel-0:3.10.0-1062.1.2.el7
  • kernel-doc-0:3.10.0-1062.1.2.el7
  • kernel-headers-0:3.10.0-1062.1.2.el7
  • kernel-kdump-0:3.10.0-1062.1.2.el7
  • kernel-kdump-debuginfo-0:3.10.0-1062.1.2.el7
  • kernel-kdump-devel-0:3.10.0-1062.1.2.el7
  • kernel-tools-0:3.10.0-1062.1.2.el7
  • kernel-tools-debuginfo-0:3.10.0-1062.1.2.el7
  • kernel-tools-libs-0:3.10.0-1062.1.2.el7
  • kernel-tools-libs-devel-0:3.10.0-1062.1.2.el7
  • perf-0:3.10.0-1062.1.2.el7
  • perf-debuginfo-0:3.10.0-1062.1.2.el7
  • python-perf-0:3.10.0-1062.1.2.el7
  • python-perf-debuginfo-0:3.10.0-1062.1.2.el7
  • kernel-rt-0:3.10.0-1062.1.2.rt56.1025.el7
  • kernel-rt-debug-0:3.10.0-1062.1.2.rt56.1025.el7
  • kernel-rt-debug-debuginfo-0:3.10.0-1062.1.2.rt56.1025.el7
  • kernel-rt-debug-devel-0:3.10.0-1062.1.2.rt56.1025.el7
  • kernel-rt-debug-kvm-0:3.10.0-1062.1.2.rt56.1025.el7
  • kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.1.2.rt56.1025.el7
  • kernel-rt-debuginfo-0:3.10.0-1062.1.2.rt56.1025.el7
  • kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.1.2.rt56.1025.el7
  • kernel-rt-devel-0:3.10.0-1062.1.2.rt56.1025.el7
  • kernel-rt-doc-0:3.10.0-1062.1.2.rt56.1025.el7
  • kernel-rt-kvm-0:3.10.0-1062.1.2.rt56.1025.el7
  • kernel-rt-kvm-debuginfo-0:3.10.0-1062.1.2.rt56.1025.el7
  • kernel-rt-trace-0:3.10.0-1062.1.2.rt56.1025.el7
  • kernel-rt-trace-debuginfo-0:3.10.0-1062.1.2.rt56.1025.el7
  • kernel-rt-trace-devel-0:3.10.0-1062.1.2.rt56.1025.el7
  • kernel-rt-trace-kvm-0:3.10.0-1062.1.2.rt56.1025.el7
  • kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.1.2.rt56.1025.el7
  • kpatch-patch-3_10_0-1062-0:1-1.el7
  • kpatch-patch-3_10_0-1062-debuginfo-0:1-1.el7
  • kpatch-patch-3_10_0-1062_1_1-0:1-1.el7
  • kpatch-patch-3_10_0-1062_1_1-debuginfo-0:1-1.el7
  • kernel-0:4.14.0-115.13.1.el7a
  • kernel-abi-whitelists-0:4.14.0-115.13.1.el7a
  • kernel-bootwrapper-0:4.14.0-115.13.1.el7a
  • kernel-debug-0:4.14.0-115.13.1.el7a
  • kernel-debug-debuginfo-0:4.14.0-115.13.1.el7a
  • kernel-debug-devel-0:4.14.0-115.13.1.el7a
  • kernel-debuginfo-0:4.14.0-115.13.1.el7a
  • kernel-debuginfo-common-aarch64-0:4.14.0-115.13.1.el7a
  • kernel-debuginfo-common-ppc64le-0:4.14.0-115.13.1.el7a
  • kernel-debuginfo-common-s390x-0:4.14.0-115.13.1.el7a
  • kernel-devel-0:4.14.0-115.13.1.el7a
  • kernel-doc-0:4.14.0-115.13.1.el7a
  • kernel-headers-0:4.14.0-115.13.1.el7a
  • kernel-kdump-0:4.14.0-115.13.1.el7a
  • kernel-kdump-debuginfo-0:4.14.0-115.13.1.el7a
  • kernel-kdump-devel-0:4.14.0-115.13.1.el7a
  • kernel-tools-0:4.14.0-115.13.1.el7a
  • kernel-tools-debuginfo-0:4.14.0-115.13.1.el7a
  • kernel-tools-libs-0:4.14.0-115.13.1.el7a
  • kernel-tools-libs-devel-0:4.14.0-115.13.1.el7a
  • perf-0:4.14.0-115.13.1.el7a
  • perf-debuginfo-0:4.14.0-115.13.1.el7a
  • python-perf-0:4.14.0-115.13.1.el7a
  • python-perf-debuginfo-0:4.14.0-115.13.1.el7a
  • kernel-0:2.6.32-754.23.1.el6
  • kernel-abi-whitelists-0:2.6.32-754.23.1.el6
  • kernel-bootwrapper-0:2.6.32-754.23.1.el6
  • kernel-debug-0:2.6.32-754.23.1.el6
  • kernel-debug-debuginfo-0:2.6.32-754.23.1.el6
  • kernel-debug-devel-0:2.6.32-754.23.1.el6
  • kernel-debuginfo-0:2.6.32-754.23.1.el6
  • kernel-debuginfo-common-i686-0:2.6.32-754.23.1.el6
  • kernel-debuginfo-common-ppc64-0:2.6.32-754.23.1.el6
  • kernel-debuginfo-common-s390x-0:2.6.32-754.23.1.el6
  • kernel-debuginfo-common-x86_64-0:2.6.32-754.23.1.el6
  • kernel-devel-0:2.6.32-754.23.1.el6
  • kernel-doc-0:2.6.32-754.23.1.el6
  • kernel-firmware-0:2.6.32-754.23.1.el6
  • kernel-headers-0:2.6.32-754.23.1.el6
  • kernel-kdump-0:2.6.32-754.23.1.el6
  • kernel-kdump-debuginfo-0:2.6.32-754.23.1.el6
  • kernel-kdump-devel-0:2.6.32-754.23.1.el6
  • perf-0:2.6.32-754.23.1.el6
  • perf-debuginfo-0:2.6.32-754.23.1.el6
  • python-perf-0:2.6.32-754.23.1.el6
  • python-perf-debuginfo-0:2.6.32-754.23.1.el6
  • bpftool-0:3.10.0-957.35.2.el7
  • kernel-0:3.10.0-957.35.2.el7
  • kernel-abi-whitelists-0:3.10.0-957.35.2.el7
  • kernel-bootwrapper-0:3.10.0-957.35.2.el7
  • kernel-debug-0:3.10.0-957.35.2.el7
  • kernel-debug-debuginfo-0:3.10.0-957.35.2.el7
  • kernel-debug-devel-0:3.10.0-957.35.2.el7
  • kernel-debuginfo-0:3.10.0-957.35.2.el7
  • kernel-debuginfo-common-ppc64-0:3.10.0-957.35.2.el7
  • kernel-debuginfo-common-ppc64le-0:3.10.0-957.35.2.el7
  • kernel-debuginfo-common-s390x-0:3.10.0-957.35.2.el7
  • kernel-debuginfo-common-x86_64-0:3.10.0-957.35.2.el7
  • kernel-devel-0:3.10.0-957.35.2.el7
  • kernel-doc-0:3.10.0-957.35.2.el7
  • kernel-headers-0:3.10.0-957.35.2.el7
  • kernel-kdump-0:3.10.0-957.35.2.el7
  • kernel-kdump-debuginfo-0:3.10.0-957.35.2.el7
  • kernel-kdump-devel-0:3.10.0-957.35.2.el7
  • kernel-tools-0:3.10.0-957.35.2.el7
  • kernel-tools-debuginfo-0:3.10.0-957.35.2.el7
  • kernel-tools-libs-0:3.10.0-957.35.2.el7
  • kernel-tools-libs-devel-0:3.10.0-957.35.2.el7
  • perf-0:3.10.0-957.35.2.el7
  • perf-debuginfo-0:3.10.0-957.35.2.el7
  • python-perf-0:3.10.0-957.35.2.el7
  • python-perf-debuginfo-0:3.10.0-957.35.2.el7
  • kpatch-patch-3_10_0-957_35_1-0:1-1.el7
  • kpatch-patch-3_10_0-957_35_1-debuginfo-0:1-1.el7
  • kernel-0:3.10.0-862.41.2.el7
  • kernel-abi-whitelists-0:3.10.0-862.41.2.el7
  • kernel-bootwrapper-0:3.10.0-862.41.2.el7
  • kernel-debug-0:3.10.0-862.41.2.el7
  • kernel-debug-debuginfo-0:3.10.0-862.41.2.el7
  • kernel-debug-devel-0:3.10.0-862.41.2.el7
  • kernel-debuginfo-0:3.10.0-862.41.2.el7
  • kernel-debuginfo-common-ppc64-0:3.10.0-862.41.2.el7
  • kernel-debuginfo-common-ppc64le-0:3.10.0-862.41.2.el7
  • kernel-debuginfo-common-s390x-0:3.10.0-862.41.2.el7
  • kernel-debuginfo-common-x86_64-0:3.10.0-862.41.2.el7
  • kernel-devel-0:3.10.0-862.41.2.el7
  • kernel-doc-0:3.10.0-862.41.2.el7
  • kernel-headers-0:3.10.0-862.41.2.el7
  • kernel-kdump-0:3.10.0-862.41.2.el7
  • kernel-kdump-debuginfo-0:3.10.0-862.41.2.el7
  • kernel-kdump-devel-0:3.10.0-862.41.2.el7
  • kernel-tools-0:3.10.0-862.41.2.el7
  • kernel-tools-debuginfo-0:3.10.0-862.41.2.el7
  • kernel-tools-libs-0:3.10.0-862.41.2.el7
  • kernel-tools-libs-devel-0:3.10.0-862.41.2.el7
  • perf-0:3.10.0-862.41.2.el7
  • perf-debuginfo-0:3.10.0-862.41.2.el7
  • python-perf-0:3.10.0-862.41.2.el7
  • python-perf-debuginfo-0:3.10.0-862.41.2.el7
  • kernel-0:3.10.0-693.59.1.el7
  • kernel-abi-whitelists-0:3.10.0-693.59.1.el7
  • kernel-bootwrapper-0:3.10.0-693.59.1.el7
  • kernel-debug-0:3.10.0-693.59.1.el7
  • kernel-debug-debuginfo-0:3.10.0-693.59.1.el7
  • kernel-debug-devel-0:3.10.0-693.59.1.el7
  • kernel-debuginfo-0:3.10.0-693.59.1.el7
  • kernel-debuginfo-common-ppc64le-0:3.10.0-693.59.1.el7
  • kernel-debuginfo-common-x86_64-0:3.10.0-693.59.1.el7
  • kernel-devel-0:3.10.0-693.59.1.el7
  • kernel-doc-0:3.10.0-693.59.1.el7
  • kernel-headers-0:3.10.0-693.59.1.el7
  • kernel-tools-0:3.10.0-693.59.1.el7
  • kernel-tools-debuginfo-0:3.10.0-693.59.1.el7
  • kernel-tools-libs-0:3.10.0-693.59.1.el7
  • kernel-tools-libs-devel-0:3.10.0-693.59.1.el7
  • perf-0:3.10.0-693.59.1.el7
  • perf-debuginfo-0:3.10.0-693.59.1.el7
  • python-perf-0:3.10.0-693.59.1.el7
  • python-perf-debuginfo-0:3.10.0-693.59.1.el7
  • kernel-0:2.6.32-504.81.2.el6
  • kernel-abi-whitelists-0:2.6.32-504.81.2.el6
  • kernel-debug-0:2.6.32-504.81.2.el6
  • kernel-debug-debuginfo-0:2.6.32-504.81.2.el6
  • kernel-debug-devel-0:2.6.32-504.81.2.el6
  • kernel-debuginfo-0:2.6.32-504.81.2.el6
  • kernel-debuginfo-common-x86_64-0:2.6.32-504.81.2.el6
  • kernel-devel-0:2.6.32-504.81.2.el6
  • kernel-doc-0:2.6.32-504.81.2.el6
  • kernel-firmware-0:2.6.32-504.81.2.el6
  • kernel-headers-0:2.6.32-504.81.2.el6
  • perf-0:2.6.32-504.81.2.el6
  • perf-debuginfo-0:2.6.32-504.81.2.el6
  • python-perf-0:2.6.32-504.81.2.el6
  • python-perf-debuginfo-0:2.6.32-504.81.2.el6
  • redhat-release-virtualization-host-0:4.3.5-4.el7ev
  • redhat-virtualization-host-image-update-0:4.3.5-20190920.0.el7_7
  • redhat-virtualization-host-image-update-placeholder-0:4.3.5-4.el7ev
  • kernel-0:3.10.0-327.82.1.el7
  • kernel-abi-whitelists-0:3.10.0-327.82.1.el7
  • kernel-debug-0:3.10.0-327.82.1.el7
  • kernel-debug-debuginfo-0:3.10.0-327.82.1.el7
  • kernel-debug-devel-0:3.10.0-327.82.1.el7
  • kernel-debuginfo-0:3.10.0-327.82.1.el7
  • kernel-debuginfo-common-x86_64-0:3.10.0-327.82.1.el7
  • kernel-devel-0:3.10.0-327.82.1.el7
  • kernel-doc-0:3.10.0-327.82.1.el7
  • kernel-headers-0:3.10.0-327.82.1.el7
  • kernel-tools-0:3.10.0-327.82.1.el7
  • kernel-tools-debuginfo-0:3.10.0-327.82.1.el7
  • kernel-tools-libs-0:3.10.0-327.82.1.el7
  • kernel-tools-libs-devel-0:3.10.0-327.82.1.el7
  • perf-0:3.10.0-327.82.1.el7
  • perf-debuginfo-0:3.10.0-327.82.1.el7
  • python-perf-0:3.10.0-327.82.1.el7
  • python-perf-debuginfo-0:3.10.0-327.82.1.el7
  • kernel-0:3.10.0-514.69.1.el7
  • kernel-abi-whitelists-0:3.10.0-514.69.1.el7
  • kernel-bootwrapper-0:3.10.0-514.69.1.el7
  • kernel-debug-0:3.10.0-514.69.1.el7
  • kernel-debug-debuginfo-0:3.10.0-514.69.1.el7
  • kernel-debug-devel-0:3.10.0-514.69.1.el7
  • kernel-debuginfo-0:3.10.0-514.69.1.el7
  • kernel-debuginfo-common-ppc64le-0:3.10.0-514.69.1.el7
  • kernel-debuginfo-common-x86_64-0:3.10.0-514.69.1.el7
  • kernel-devel-0:3.10.0-514.69.1.el7
  • kernel-doc-0:3.10.0-514.69.1.el7
  • kernel-headers-0:3.10.0-514.69.1.el7
  • kernel-tools-0:3.10.0-514.69.1.el7
  • kernel-tools-debuginfo-0:3.10.0-514.69.1.el7
  • kernel-tools-libs-0:3.10.0-514.69.1.el7
  • kernel-tools-libs-devel-0:3.10.0-514.69.1.el7
  • perf-0:3.10.0-514.69.1.el7
  • perf-debuginfo-0:3.10.0-514.69.1.el7
  • python-perf-0:3.10.0-514.69.1.el7
  • python-perf-debuginfo-0:3.10.0-514.69.1.el7
  • kernel-0:2.6.32-431.96.2.el6
  • kernel-abi-whitelists-0:2.6.32-431.96.2.el6
  • kernel-debug-0:2.6.32-431.96.2.el6
  • kernel-debug-debuginfo-0:2.6.32-431.96.2.el6
  • kernel-debug-devel-0:2.6.32-431.96.2.el6
  • kernel-debuginfo-0:2.6.32-431.96.2.el6
  • kernel-debuginfo-common-x86_64-0:2.6.32-431.96.2.el6
  • kernel-devel-0:2.6.32-431.96.2.el6
  • kernel-doc-0:2.6.32-431.96.2.el6
  • kernel-firmware-0:2.6.32-431.96.2.el6
  • kernel-headers-0:2.6.32-431.96.2.el6
  • perf-0:2.6.32-431.96.2.el6
  • perf-debuginfo-0:2.6.32-431.96.2.el6
  • python-perf-0:2.6.32-431.96.2.el6
  • python-perf-debuginfo-0:2.6.32-431.96.2.el6
  • redhat-release-virtualization-host-0:4.2-14.1.el7
  • redhat-release-virtualization-host-content-0:4.2-14.1.el7
  • redhat-virtualization-host-image-update-0:4.2-20190919.0.el7_6
  • redhat-virtualization-host-image-update-placeholder-0:4.2-14.1.el7

References