English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.4.2018.0115.1
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2018:0115-1)
Summary:The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2018:0115-1 advisory.
Description:Summary:
The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2018:0115-1 advisory.

Vulnerability Insight:
The SUSE Linux Enterprise 12 GA LTSS kernel was updated to receive various security and bugfixes.

This update adds mitigations for various side channel attacks against modern CPUs that could disclose content of otherwise unreadable memory
(bnc#1068032).

- CVE-2017-5753 / 'SpectreAttack': Local attackers on systems with modern
CPUs featuring deep instruction pipelining could use attacker
controllable speculative execution over code patterns in the Linux
Kernel to leak content from otherwise not readable memory in the same
address space, allowing retrieval of passwords, cryptographic keys
and other secrets.

This problem is mitigated by adding speculative fencing on affected
code paths throughout the Linux kernel.

This issue is addressed for the x86_64, the IBM Power and IBM zSeries
architecture.

- CVE-2017-5715 / 'SpectreAttack': Local attackers on systems with modern
CPUs featuring branch prediction could use mispredicted branches to
speculatively execute code patterns that in turn could be made to
leak other non-readable content in the same address space, an attack
similar to CVE-2017-5753.

This problem is mitigated by disabling predictive branches, depending
on CPU architecture either by firmware updates and/or fixes in the
user-kernel privilege boundaries.

This is done with help of Linux Kernel fixes on the Intel/AMD x86_64
and IBM zSeries architectures. On x86_64, this requires also updates
of the CPU microcode packages, delivered in seperate updates.

For IBM Power and zSeries the required firmware updates are supplied
over regular channels by IBM.

As this feature can have a performance impact, it can be disabled
using the 'nospec' kernel commandline option.

- CVE-2017-5754 / 'MeltdownAttack': Local attackers on systems with
modern CPUs featuring deep instruction pipelining could use code
patterns in userspace to speculative executive code that would read
otherwise read protected memory, an attack similar to CVE-2017-5753.

This problem is mitigated by unmapping the Linux Kernel from the user
address space during user code execution, following a approach called
'KAISER'. The terms used here are 'KAISER' / 'Kernel Address Isolation'
and 'PTI' / 'Page Table Isolation'.

This update does this on the x86_64 architecture, it is not required
on the IBM zSeries architecture.

This feature can be enabled / disabled by the 'pti=[onoffauto]' or
'nopti' commandline options.

The following security bugs were fixed:

- CVE-2017-15868: The bnep_add_connection function in net/bluetooth/bnep/core.c in the Linux kernel did not ensure that an l2cap socket is available, which allowed local users to gain privileges via a crafted application (bnc#1071470).
- CVE-2017-13167: An elevation of privilege vulnerability in the kernel sound timer. (bnc#1072876).
- CVE-2017-16538: drivers/media/usb/dvb-usb-v2/lmedm04.c in the Linux kernel ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'Linux Kernel' package(s) on SUSE Linux Enterprise Server 12.

Solution:
Please install the updated package(s).

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2017-11600
BugTraq ID: 99928
http://www.securityfocus.com/bid/99928
Debian Security Information: DSA-3981 (Google Search)
http://www.debian.org/security/2017/dsa-3981
http://seclists.org/bugtraq/2017/Jul/30
RedHat Security Advisories: RHSA-2018:1965
https://access.redhat.com/errata/RHSA-2018:1965
RedHat Security Advisories: RHSA-2018:2003
https://access.redhat.com/errata/RHSA-2018:2003
RedHat Security Advisories: RHSA-2019:1170
https://access.redhat.com/errata/RHSA-2019:1170
RedHat Security Advisories: RHSA-2019:1190
https://access.redhat.com/errata/RHSA-2019:1190
SuSE Security Announcement: SUSE-SU-2018:0011 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html
Common Vulnerability Exposure (CVE) ID: CVE-2017-13167
Common Vulnerability Exposure (CVE) ID: CVE-2017-15115
101877
http://www.securityfocus.com/bid/101877
SUSE-SU-2018:0011
USN-3581-1
https://usn.ubuntu.com/3581-1/
USN-3581-2
https://usn.ubuntu.com/3581-2/
USN-3581-3
https://usn.ubuntu.com/3581-3/
USN-3582-1
https://usn.ubuntu.com/3582-1/
USN-3582-2
https://usn.ubuntu.com/3582-2/
USN-3583-1
https://usn.ubuntu.com/3583-1/
USN-3583-2
https://usn.ubuntu.com/3583-2/
[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update
https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=df80cd9b28b9ebaa284a41df611dbf3a2d05ca74
http://seclists.org/oss-sec/2017/q4/282
https://bugzilla.redhat.com/show_bug.cgi?id=1513345
https://github.com/torvalds/linux/commit/df80cd9b28b9ebaa284a41df611dbf3a2d05ca74
https://patchwork.ozlabs.org/patch/827077/
https://source.android.com/security/bulletin/pixel/2018-04-01
Common Vulnerability Exposure (CVE) ID: CVE-2017-15868
BugTraq ID: 102084
http://www.securityfocus.com/bid/102084
Debian Security Information: DSA-4082 (Google Search)
https://www.debian.org/security/2018/dsa-4082
Common Vulnerability Exposure (CVE) ID: CVE-2017-16534
https://github.com/torvalds/linux/commit/2e1c42391ff2556387b3cb6308b24f6f65619feb
https://groups.google.com/d/msg/syzkaller/nXnjqI73uPo/6sUyq6kqAgAJ
Common Vulnerability Exposure (CVE) ID: CVE-2017-16538
Debian Security Information: DSA-4073 (Google Search)
https://www.debian.org/security/2017/dsa-4073
https://groups.google.com/d/msg/syzkaller/XwNidsl4X04/ti6I2IaRBAAJ
https://patchwork.linuxtv.org/patch/44566/
https://patchwork.linuxtv.org/patch/44567/
https://usn.ubuntu.com/3631-1/
https://usn.ubuntu.com/3631-2/
https://usn.ubuntu.com/3754-1/
Common Vulnerability Exposure (CVE) ID: CVE-2017-17448
BugTraq ID: 102117
http://www.securityfocus.com/bid/102117
https://patchwork.kernel.org/patch/10089373/
RedHat Security Advisories: RHSA-2018:0654
https://access.redhat.com/errata/RHSA-2018:0654
RedHat Security Advisories: RHSA-2018:0676
https://access.redhat.com/errata/RHSA-2018:0676
RedHat Security Advisories: RHSA-2018:1062
https://access.redhat.com/errata/RHSA-2018:1062
https://usn.ubuntu.com/3617-1/
https://usn.ubuntu.com/3617-2/
https://usn.ubuntu.com/3617-3/
https://usn.ubuntu.com/3619-1/
https://usn.ubuntu.com/3619-2/
https://usn.ubuntu.com/3620-1/
https://usn.ubuntu.com/3620-2/
https://usn.ubuntu.com/3632-1/
Common Vulnerability Exposure (CVE) ID: CVE-2017-17449
BugTraq ID: 102122
http://www.securityfocus.com/bid/102122
https://lkml.org/lkml/2017/12/5/950
RedHat Security Advisories: RHSA-2018:1130
https://access.redhat.com/errata/RHSA-2018:1130
RedHat Security Advisories: RHSA-2018:1170
https://access.redhat.com/errata/RHSA-2018:1170
https://usn.ubuntu.com/3653-1/
https://usn.ubuntu.com/3653-2/
https://usn.ubuntu.com/3655-1/
https://usn.ubuntu.com/3655-2/
https://usn.ubuntu.com/3657-1/
Common Vulnerability Exposure (CVE) ID: CVE-2017-17450
BugTraq ID: 102110
http://www.securityfocus.com/bid/102110
https://lkml.org/lkml/2017/12/5/982
Common Vulnerability Exposure (CVE) ID: CVE-2017-17558
http://openwall.com/lists/oss-security/2017/12/12/7
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
https://www.spinics.net/lists/linux-usb/msg163644.html
https://lists.debian.org/debian-lts-announce/2018/01/msg00004.html
Common Vulnerability Exposure (CVE) ID: CVE-2017-5715
BugTraq ID: 102376
http://www.securityfocus.com/bid/102376
Bugtraq: 20190624 [SECURITY] [DSA 4469-1] libvirt security update (Google Search)
https://seclists.org/bugtraq/2019/Jun/36
Bugtraq: 20191112 FreeBSD Security Advisory FreeBSD-SA-19:26.mcu (Google Search)
https://seclists.org/bugtraq/2019/Nov/16
CERT/CC vulnerability note: VU#180049
https://www.kb.cert.org/vuls/id/180049
CERT/CC vulnerability note: VU#584653
http://www.kb.cert.org/vuls/id/584653
Cisco Security Advisory: 20180104 CPU Side-Channel Information Disclosure Vulnerabilities
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel
Debian Security Information: DSA-4120 (Google Search)
https://www.debian.org/security/2018/dsa-4120
Debian Security Information: DSA-4187 (Google Search)
https://www.debian.org/security/2018/dsa-4187
Debian Security Information: DSA-4188 (Google Search)
https://www.debian.org/security/2018/dsa-4188
Debian Security Information: DSA-4213 (Google Search)
https://www.debian.org/security/2018/dsa-4213
https://www.exploit-db.com/exploits/43427/
FreeBSD Security Advisory: FreeBSD-SA-18:03
https://security.FreeBSD.org/advisories/FreeBSD-SA-18:03.speculative_execution.asc
https://security.FreeBSD.org/advisories/FreeBSD-SA-19:26.mcu.asc
https://security.gentoo.org/glsa/201810-06
http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html
http://packetstormsecurity.com/files/155281/FreeBSD-Security-Advisory-FreeBSD-SA-19-26.mcu.html
https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html
https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html
https://spectreattack.com/
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html
https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html
https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html
https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html
https://lists.debian.org/debian-lts-announce/2020/03/msg00025.html
https://lists.debian.org/debian-lts-announce/2021/08/msg00019.html
RedHat Security Advisories: RHSA-2018:0292
https://access.redhat.com/errata/RHSA-2018:0292
http://www.securitytracker.com/id/1040071
SuSE Security Announcement: SUSE-SU-2018:0006 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00002.html
SuSE Security Announcement: SUSE-SU-2018:0007 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00003.html
SuSE Security Announcement: SUSE-SU-2018:0008 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00004.html
SuSE Security Announcement: SUSE-SU-2018:0009 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00005.html
SuSE Security Announcement: SUSE-SU-2018:0010 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html
SuSE Security Announcement: SUSE-SU-2018:0012 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html
SuSE Security Announcement: SUSE-SU-2018:0019 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00012.html
SuSE Security Announcement: SUSE-SU-2018:0020 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00013.html
SuSE Security Announcement: openSUSE-SU-2018:0013 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00009.html
SuSE Security Announcement: openSUSE-SU-2018:0022 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html
SuSE Security Announcement: openSUSE-SU-2018:0023 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html
https://usn.ubuntu.com/usn/usn-3516-1/
https://usn.ubuntu.com/3531-1/
https://usn.ubuntu.com/3531-3/
https://usn.ubuntu.com/3540-2/
https://usn.ubuntu.com/3541-2/
https://usn.ubuntu.com/3542-2/
https://usn.ubuntu.com/3549-1/
https://usn.ubuntu.com/3560-1/
https://usn.ubuntu.com/3561-1/
https://usn.ubuntu.com/3580-1/
https://usn.ubuntu.com/3594-1/
https://usn.ubuntu.com/3597-1/
https://usn.ubuntu.com/3597-2/
https://usn.ubuntu.com/3690-1/
https://usn.ubuntu.com/3777-3/
Common Vulnerability Exposure (CVE) ID: CVE-2017-5753
BugTraq ID: 102371
http://www.securityfocus.com/bid/102371
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html
https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html
https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html
https://usn.ubuntu.com/3540-1/
https://usn.ubuntu.com/3541-1/
https://usn.ubuntu.com/3542-1/
Common Vulnerability Exposure (CVE) ID: CVE-2017-5754
BugTraq ID: 102378
http://www.securityfocus.com/bid/102378
BugTraq ID: 106128
http://www.securityfocus.com/bid/106128
Debian Security Information: DSA-4078 (Google Search)
https://www.debian.org/security/2018/dsa-4078
https://meltdownattack.com/
https://www.oracle.com/security-alerts/cpuapr2020.html
https://usn.ubuntu.com/usn/usn-3522-2/
https://usn.ubuntu.com/3522-3/
https://usn.ubuntu.com/3522-4/
https://usn.ubuntu.com/3523-1/
https://usn.ubuntu.com/usn/usn-3523-2/
https://usn.ubuntu.com/usn/usn-3524-2/
https://usn.ubuntu.com/usn/usn-3525-1/
Common Vulnerability Exposure (CVE) ID: CVE-2017-8824
BugTraq ID: 102056
http://www.securityfocus.com/bid/102056
https://www.exploit-db.com/exploits/43234/
http://lists.openwall.net/netdev/2017/12/04/224
http://www.openwall.com/lists/oss-security/2017/12/05/1
RedHat Security Advisories: RHSA-2018:0399
https://access.redhat.com/errata/RHSA-2018:0399
RedHat Security Advisories: RHSA-2018:1216
https://access.redhat.com/errata/RHSA-2018:1216
RedHat Security Advisories: RHSA-2018:1319
https://access.redhat.com/errata/RHSA-2018:1319
RedHat Security Advisories: RHSA-2018:3822
https://access.redhat.com/errata/RHSA-2018:3822
CopyrightCopyright (C) 2021 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.