Test ID:	1.3.6.1.4.1.25623.1.1.13.2020.008.01
Category:	Slackware Local Security Checks
Title:	Slackware: Security Advisory (SSA:2020-008-01)
Summary:	The remote host is missing an update for the 'kernel' package(s) announced via the SSA:2020-008-01 advisory.
Description:	Summary: The remote host is missing an update for the 'kernel' package(s) announced via the SSA:2020-008-01 advisory. Vulnerability Insight: New kernel packages are available for Slackware 14.2 to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/linux-4.4.208/*: Upgraded. IPV6_MULTIPLE_TABLES n -> y +IPV6_SUBTREES y These updates fix various bugs and security issues. Be sure to upgrade your initrd after upgrading the kernel packages. If you use lilo to boot your machine, be sure lilo.conf points to the correct kernel and initrd and run lilo as root to update the bootloader. If you use elilo to boot your machine, you should run eliloconfig to copy the kernel and initrd to the EFI System Partition. For more information, see: Fixed in 4.4.203: [links moved to references] Fixed in 4.4.204: [links moved to references] Fixed in 4.4.206: [link moved to references] Fixed in 4.4.207: [links moved to references] Fixed in 4.4.208: [links moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'kernel' package(s) on Slackware 14.2. Solution: Please install the updated package(s). CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2019-12614 BugTraq ID: 108550 http://www.securityfocus.com/bid/108550 Bugtraq: 20200109 [slackware-security] Slackware 14.2 kernel (SSA:2020-008-01) (Google Search) https://seclists.org/bugtraq/2020/Jan/10 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OBJHGQXA4PQ5EOGCOXEH3KFDNVZ2I4X7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDURACJVGIBIYBSGDZJTRDPX46H5WPZW/ http://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-LSN-0054-1.html http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html https://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux.git/commit/?id=efa9ace68e487ddd29c2b4d6dd23242158f1f607 https://lkml.org/lkml/2019/6/3/526 SuSE Security Announcement: openSUSE-SU-2019:1716 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00014.html SuSE Security Announcement: openSUSE-SU-2019:1757 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00025.html https://usn.ubuntu.com/4093-1/ https://usn.ubuntu.com/4094-1/ https://usn.ubuntu.com/4095-1/ https://usn.ubuntu.com/4095-2/ Common Vulnerability Exposure (CVE) ID: CVE-2019-15291 https://syzkaller.appspot.com/bug?id=c0203bd72037d07493f4b7562411e4f5f4553a8f https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html http://www.openwall.com/lists/oss-security/2019/08/20/2 http://www.openwall.com/lists/oss-security/2019/08/22/1 SuSE Security Announcement: openSUSE-SU-2019:2307 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html SuSE Security Announcement: openSUSE-SU-2019:2308 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html https://usn.ubuntu.com/4254-1/ https://usn.ubuntu.com/4254-2/ https://usn.ubuntu.com/4258-1/ https://usn.ubuntu.com/4284-1/ https://usn.ubuntu.com/4287-1/ https://usn.ubuntu.com/4287-2/ Common Vulnerability Exposure (CVE) ID: CVE-2019-15917 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.5 https://github.com/torvalds/linux/commit/56897b217a1d0a91c9920cb418d6b3fe922f590a https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html SuSE Security Announcement: openSUSE-SU-2019:2173 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html SuSE Security Announcement: openSUSE-SU-2019:2181 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html Common Vulnerability Exposure (CVE) ID: CVE-2019-18660 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YWWOOJKZ4NQYN4RMFIVJ3ZIXKJJI3MKP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYIFGYEDQXP5DVJQQUARQRK2PXKBKQGY/ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=39e72bf96f5847ba87cc5bd7a3ce0fed813dc9ad https://www.openwall.com/lists/oss-security/2019/11/27/1 http://www.openwall.com/lists/oss-security/2019/11/27/1 RedHat Security Advisories: RHSA-2020:0174 https://access.redhat.com/errata/RHSA-2020:0174 SuSE Security Announcement: openSUSE-SU-2019:2675 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html https://usn.ubuntu.com/4225-1/ https://usn.ubuntu.com/4225-2/ https://usn.ubuntu.com/4226-1/ https://usn.ubuntu.com/4227-1/ https://usn.ubuntu.com/4227-2/ https://usn.ubuntu.com/4228-1/ https://usn.ubuntu.com/4228-2/ Common Vulnerability Exposure (CVE) ID: CVE-2019-18683 https://lore.kernel.org/lkml/20191103221719.27118-1-alex.popov@linux.com/ https://www.openwall.com/lists/oss-security/2019/11/02/1 http://www.openwall.com/lists/oss-security/2019/11/05/1 Common Vulnerability Exposure (CVE) ID: CVE-2019-19057 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PY7LJMSPAGRIKABJPDKQDTXYW3L5RX2T/ https://github.com/torvalds/linux/commit/d10dcb615c8e29d403a24d35f8310a7a53e3050c https://usn.ubuntu.com/4285-1/ Common Vulnerability Exposure (CVE) ID: CVE-2019-19062 https://github.com/torvalds/linux/commit/ffdde5932042600c6807d46c1550b28b0db6a3bc Common Vulnerability Exposure (CVE) ID: CVE-2019-19063 https://security.netapp.com/advisory/ntap-20191205-0001/ https://github.com/torvalds/linux/commit/3f93616951138a598d930dcaec40f2bfd9ce43bb https://www.oracle.com/security-alerts/cpuApr2021.html Common Vulnerability Exposure (CVE) ID: CVE-2019-19227 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9804501fa1228048857910a6bf23e085aade37cc Common Vulnerability Exposure (CVE) ID: CVE-2019-19332 USN-4254-1 USN-4254-2 USN-4258-1 USN-4284-1 USN-4287-1 USN-4287-2 [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19332 https://lore.kernel.org/kvm/000000000000ea5ec20598d90e50%40google.com/ https://security.netapp.com/advisory/ntap-20200204-0002/ https://www.openwall.com/lists/oss-security/2019/12/16/1 openSUSE-SU-2020:0336 http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html Common Vulnerability Exposure (CVE) ID: CVE-2019-19338 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19338 https://software.intel.com/security-software-guidance/insights/deep-dive-intel-transactional-synchronization-extensions-intel-tsx-asynchronous-abort https://www.openwall.com/lists/oss-security/2019/12/10/3 Common Vulnerability Exposure (CVE) ID: CVE-2019-19524 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.12 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fa3a5a1880c91bb92594ad42dfe9eedad7996b86 http://www.openwall.com/lists/oss-security/2019/12/03/4
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.