Test ID:	1.3.6.1.4.1.25623.1.1.13.2019.226.01
Category:	Slackware Local Security Checks
Title:	Slackware: Security Advisory (SSA:2019-226-01)
Summary:	The remote host is missing an update for the 'kernel' package(s) announced via the SSA:2019-226-01 advisory.
Description:	Summary: The remote host is missing an update for the 'kernel' package(s) announced via the SSA:2019-226-01 advisory. Vulnerability Insight: New kernel packages are available for Slackware 14.2 to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/linux-4.4.189/*: Upgraded. These updates fix various bugs and many security issues, and include the Spectre v1 SWAPGS mitigations. Be sure to upgrade your initrd after upgrading the kernel packages. If you use lilo to boot your machine, be sure lilo.conf points to the correct kernel and initrd and run lilo as root to update the bootloader. If you use elilo to boot your machine, you should run eliloconfig to copy the kernel and initrd to the EFI System Partition. For more information, see: Fixed in 4.4.187: [links moved to references] Fixed in 4.4.189: [links moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'kernel' package(s) on Slackware 14.2. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2017-18509 Bugtraq: 20190814 [slackware-security] Slackware 14.2 kernel (SSA:2019-226-01) (Google Search) https://seclists.org/bugtraq/2019/Aug/26 Debian Security Information: DSA-4497 (Google Search) https://www.debian.org/security/2019/dsa-4497 http://packetstormsecurity.com/files/154059/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=99253eb750fda6a644d5188fb26c43bad8d5a745 https://github.com/torvalds/linux/commit/99253eb750fda6a644d5188fb26c43bad8d5a745 https://lists.openwall.net/netdev/2017/12/04/40 https://pulsesecurity.co.nz/advisories/linux-kernel-4.9-inetcsklistenstop-gpf https://salsa.debian.org/kernel-team/linux/commit/baefcdc2f29923e7325ce4e1a72c3ff0a9800f32 https://lists.debian.org/debian-lts-announce/2019/08/msg00016.html https://lists.debian.org/debian-lts-announce/2019/08/msg00017.html https://usn.ubuntu.com/4145-1/ Common Vulnerability Exposure (CVE) ID: CVE-2018-20856 Bugtraq: 20190813 [SECURITY] [DSA 4497-1] linux security update (Google Search) https://seclists.org/bugtraq/2019/Aug/18 http://packetstormsecurity.com/files/154408/Kernel-Live-Patch-Security-Notice-LSN-0055-1.html http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.7 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=54648cf1ec2d7f4b6a71767799c45676a138ca24 https://github.com/torvalds/linux/commit/54648cf1ec2d7f4b6a71767799c45676a138ca24 RedHat Security Advisories: RHSA-2019:3055 https://access.redhat.com/errata/RHSA-2019:3055 RedHat Security Advisories: RHSA-2019:3076 https://access.redhat.com/errata/RHSA-2019:3076 RedHat Security Advisories: RHSA-2019:3089 https://access.redhat.com/errata/RHSA-2019:3089 RedHat Security Advisories: RHSA-2019:3217 https://access.redhat.com/errata/RHSA-2019:3217 RedHat Security Advisories: RHSA-2020:0100 https://access.redhat.com/errata/RHSA-2020:0100 RedHat Security Advisories: RHSA-2020:0103 https://access.redhat.com/errata/RHSA-2020:0103 RedHat Security Advisories: RHSA-2020:0543 https://access.redhat.com/errata/RHSA-2020:0543 RedHat Security Advisories: RHSA-2020:0664 https://access.redhat.com/errata/RHSA-2020:0664 RedHat Security Advisories: RHSA-2020:0698 https://access.redhat.com/errata/RHSA-2020:0698 https://usn.ubuntu.com/4094-1/ https://usn.ubuntu.com/4116-1/ https://usn.ubuntu.com/4118-1/ Common Vulnerability Exposure (CVE) ID: CVE-2019-10207 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10207 https://security.netapp.com/advisory/ntap-20200103-0001/ Common Vulnerability Exposure (CVE) ID: CVE-2019-1125 RHBA-2019:2824 https://access.redhat.com/errata/RHBA-2019:2824 RHBA-2019:3248 https://access.redhat.com/errata/RHBA-2019:3248 RHSA-2019:2600 https://access.redhat.com/errata/RHSA-2019:2600 RHSA-2019:2609 https://access.redhat.com/errata/RHSA-2019:2609 RHSA-2019:2695 https://access.redhat.com/errata/RHSA-2019:2695 RHSA-2019:2696 https://access.redhat.com/errata/RHSA-2019:2696 RHSA-2019:2730 https://access.redhat.com/errata/RHSA-2019:2730 RHSA-2019:2899 https://access.redhat.com/errata/RHSA-2019:2899 RHSA-2019:2900 https://access.redhat.com/errata/RHSA-2019:2900 RHSA-2019:2975 https://access.redhat.com/errata/RHSA-2019:2975 RHSA-2019:3011 https://access.redhat.com/errata/RHSA-2019:3011 RHSA-2019:3220 https://access.redhat.com/errata/RHSA-2019:3220 http://packetstormsecurity.com/files/156337/SWAPGS-Attack-Proof-Of-Concept.html http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200408-01-swapgs-en https://kc.mcafee.com/corporate/index?page=content&id=SB10297 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1125 https://www.synology.com/security/advisory/Synology_SA_19_32 Common Vulnerability Exposure (CVE) ID: CVE-2019-13631 BugTraq ID: 109291 http://www.securityfocus.com/bid/109291 Bugtraq: 20190812 [SECURITY] [DSA 4495-1] linux security update (Google Search) https://seclists.org/bugtraq/2019/Aug/13 Debian Security Information: DSA-4495 (Google Search) https://www.debian.org/security/2019/dsa-4495 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KQ5BQKTI24DPSVKPOIMMGDTFKCF6ASXT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TUXTJSLIQBOJTQDMTUQTQKUWWAJLFVEY/ https://patchwork.kernel.org/patch/11040813/ SuSE Security Announcement: openSUSE-SU-2019:1923 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00056.html SuSE Security Announcement: openSUSE-SU-2019:1924 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00055.html https://usn.ubuntu.com/4115-1/ https://usn.ubuntu.com/4147-1/ Common Vulnerability Exposure (CVE) ID: CVE-2019-13648 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GRK2MW223KQZ76DKEF2BZFN6TCXLZLDS/ https://patchwork.ozlabs.org/patch/1133904/ http://www.openwall.com/lists/oss-security/2019/07/30/1 https://usn.ubuntu.com/4114-1/ Common Vulnerability Exposure (CVE) ID: CVE-2019-14283 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.3 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=da99466ac243f15fbba65bd261bfc75ffa1532b6 https://github.com/torvalds/linux/commit/da99466ac243f15fbba65bd261bfc75ffa1532b6 https://usn.ubuntu.com/4117-1/ Common Vulnerability Exposure (CVE) ID: CVE-2019-14284 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f3554aeb991214cbfafd17d55e2bfddb50282e32 https://github.com/torvalds/linux/commit/f3554aeb991214cbfafd17d55e2bfddb50282e32
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.