SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2017:1183-1) - Nessus

High   Plugin ID: 100023

This page contains detailed information about the SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2017:1183-1) Nessus plugin including available exploits and PoCs found on GitHub, in Metasploit or Exploit-DB for verifying of this vulnerability.

Table Of Contents
hide

Plugin Overview

ID: 100023
Name: SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2017:1183-1)
Filename: suse_SU-2017-1183-1.nasl
Vulnerability Published: 2016-05-02
This Plugin Published: 2017-05-08
Last Modification Time: 2021-01-06
Plugin Version: 3.12
Plugin Type: local
Plugin Family: SuSE Local Security Checks
Dependencies: ssh_get_info.nasl
Required KB Items [?]: Host/cpu, Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list

Vulnerability Information

Severity: High
Vulnerability Published: 2016-05-02
Patch Published: 2017-05-05
CVE [?]: CVE-2016-2117, CVE-2016-9191, CVE-2016-10200, CVE-2017-2596, CVE-2017-2671, CVE-2017-5986, CVE-2017-6074, CVE-2017-6214, CVE-2017-6345, CVE-2017-6346, CVE-2017-6347, CVE-2017-6353, CVE-2017-7187, CVE-2017-7261, CVE-2017-7294, CVE-2017-7308, CVE-2017-7374
CPE [?]: cpe:/o:novell:suse_linux:12, p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo, p-cpe:/a:novell:suse_linux:kernel-default-debuginfo, p-cpe:/a:novell:suse_linux:kernel-default-debugsource, p-cpe:/a:novell:suse_linux:kernel-default-devel, p-cpe:/a:novell:suse_linux:kernel-default-extra, p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo, p-cpe:/a:novell:suse_linux:kernel-syms
Exploited by Malware: True

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The SUSE Linux Enterprise 12 SP2 kernel was updated to 4.4.58 to receive various security and bugfixes. Notable new/improved features :

- Improved support for Hyper-V

- Support for Matrox G200eH3

- Support for tcp_westwood The following security bugs were fixed :

- CVE-2017-2671: The ping_unhash function in net/ipv4/ping.c in the Linux kernel was too late in obtaining a certain lock and consequently could not ensure that disconnect function calls are safe, which allowed local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call (bnc#1031003).

- CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (overflow) or possibly have unspecified other impact via crafted system calls (bnc#1031579).

- CVE-2017-7294: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not validate addition of certain levels data, which allowed local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031440).

- CVE-2017-7261: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not check for a zero value of certain levels data, which allowed local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic) via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031052).

- CVE-2017-7187: The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel allowed local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bounds write access in the sg_write function (bnc#1030213).

- CVE-2017-7374: Use-after-free vulnerability in fs/crypto/ in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference) or possibly gain privileges by revoking keyring keys being used for ext4, f2fs, or ubifs encryption, causing cryptographic transform objects to be freed prematurely (bnc#1032006).

- CVE-2016-10200: Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c (bnc#1028415).

- CVE-2017-6345: The LLC subsystem in the Linux kernel did not ensure that a certain destructor exists in required circumstances, which allowed local users to cause a denial of service (BUG_ON) or possibly have unspecified other impact via crafted system calls (bnc#1027190).

- CVE-2017-6346: Race condition in net/packet/af_packet.c in the Linux kernel allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a multithreaded application that made PACKET_FANOUT setsockopt system calls (bnc#1027189).

- CVE-2017-6353: net/sctp/socket.c in the Linux kernel did not properly restrict association peel-off operations during certain wait states, which allowed local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: this vulnerability exists because of an incorrect fix for CVE-2017-5986 (bnc#1027066).

- CVE-2017-6214: The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel allowed remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag (bnc#1026722).

- CVE-2016-2117: The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel incorrectly enables scatter/gather I/O, which allowed remote attackers to obtain sensitive information from kernel memory by reading packet data (bnc#968697).

- CVE-2017-6347: The ip_cmsg_recv_checksum function in net/ipv4/ip_sockglue.c in the Linux kernel had incorrect expectations about skb data layout, which allowed local users to cause a denial of service (buffer over-read) or possibly have unspecified other impact via crafted system calls, as demonstrated by use of the MSG_MORE flag in conjunction with loopback UDP transmission (bnc#1027179).

- CVE-2016-9191: The cgroup offline implementation in the Linux kernel mishandled certain drain operations, which allowed local users to cause a denial of service (system hang) by leveraging access to a container environment for executing a crafted application (bnc#1008842).

- CVE-2017-2596: The nested_vmx_check_vmptr function in arch/x86/kvm/vmx.c in the Linux kernel improperly emulated the VMXON instruction, which allowed KVM L1 guest OS users to cause a denial of service (host OS memory consumption) by leveraging the mishandling of page references (bnc#1022785).

- CVE-2017-6074: The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel mishandled DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allowed local users to obtain root privileges or cause a denial of service (double free) via an application that made an IPV6_RECVPKTINFO setsockopt system call (bnc#1026024).

The update package also includes non-security fixes. See advisory for details.

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Workstation Extension 12-SP2:zypper in -t patch SUSE-SLE-WE-12-SP2-2017-697=1

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-697=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-697=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-697=1

SUSE Linux Enterprise Live Patching 12:zypper in -t patch SUSE-SLE-Live-Patching-12-2017-697=1

SUSE Linux Enterprise High Availability 12-SP2:zypper in -t patch SUSE-SLE-HA-12-SP2-2017-697=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-697=1

OpenStack Cloud Magnum Orchestration 7:zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-697=1

To bring your system up-to-date, use 'zypper patch'.

Public Exploits

Target Network Port(s): N/A
Target Asset(s): N/A
Exploit Available: True (Metasploit Framework, Exploit-DB, GitHub, Core Impact)
Exploit Ease: Exploits are available

Here's the list of publicly known exploits and PoCs for verifying the SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2017:1183-1) vulnerability:

  1. Metasploit: exploit/linux/local/af_packet_packet_set_ring_priv_esc
    [AF_PACKET packet_set_ring Privilege Escalation]
  2. Exploit-DB: exploits/linux/dos/41457.c
    [EDB-41457: Linux Kernel 4.4.0 (Ubuntu) - DCCP Double-Free (PoC)]
  3. Exploit-DB: exploits/linux/local/41458.c
    [EDB-41458: Linux Kernel 4.4.0 (Ubuntu) - DCCP Double-Free Privilege Escalation]
  4. Exploit-DB: exploits/linux/local/41994.c
    [EDB-41994: Linux Kernel 4.8.0-41-generic (Ubuntu) - Packet Socket Local Privilege Escalation]
  5. Exploit-DB: exploits/linux/local/44654.rb
    [EDB-44654: Linux 4.8.0 < 4.8.0-46 - AF_PACKET packet_set_ring Privilege Escalation (Metasploit)]
  6. Exploit-DB: exploits/linux/local/47168.c
    [EDB-47168: Linux Kernel 4.8.0-34 < 4.8.0-45 (Ubuntu / Linux Mint) - Packet Socket Local Privilege Escalation]
  7. GitHub: https://github.com/homjxi0e/CVE-2017-2671
    [CVE-2017-2671]
  8. GitHub: https://github.com/Amet13/vulncontrol
    [CVE-2017-5986]
  9. GitHub: https://github.com/Al1ex/LinuxEelvation
    [CVE-2017-6074]
  10. GitHub: https://github.com/Amet13/vulncontrol
    [CVE-2017-6074]
  11. GitHub: https://github.com/AtaraxiaCoLtd/vlun_report
    [CVE-2017-6074]
  12. GitHub: https://github.com/BimsaraMalinda/Linux-Kernel-4.4.0-Ubuntu---DCCP-Double-Free-Privilege-Escalation-CVE-2017-6074
    [CVE-2017-6074]
  13. GitHub: https://github.com/CKmaenn/kernel-exploits
    [CVE-2017-6074]
  14. GitHub: https://github.com/De4dCr0w/Linux-kernel-EoP-exp
    [CVE-2017-6074]
  15. GitHub: https://github.com/Dk0n9/linux_exploit
    [CVE-2017-6074]
  16. GitHub: https://github.com/Metarget/metarget
    [CVE-2017-6074]
  17. GitHub: https://github.com/R0B1NL1N/Linux-Kernal-Exploits-m-
    [CVE-2017-6074]
  18. GitHub: https://github.com/R0B1NL1N/Linux-Kernel-Exploites
    [CVE-2017-6074]
  19. GitHub: https://github.com/Snoopy-Sec/Localroot-ALL-CVE
    [CVE-2017-6074]
  20. GitHub: https://github.com/Technoashofficial/kernel-exploitation-linux
    [CVE-2017-6074]
  21. GitHub: https://github.com/WhaleShark-Team/murasame
    [CVE-2017-6074]
  22. GitHub: https://github.com/amrelsadane123/Ecploit-kernel-4.10-linux-local
    [CVE-2017-6074]
  23. GitHub: https://github.com/anoaghost/Localroot_Compile
    [CVE-2017-6074]
  24. GitHub: https://github.com/bsauce/kernel-exploit-factory
    [CVE-2017-6074]
  25. GitHub: https://github.com/bsauce/kernel-security-learning
    [CVE-2017-6074]
  26. GitHub: https://github.com/ferovap/Tools
    [CVE-2017-6074]
  27. GitHub: https://github.com/h4x0r-dz/local-root-exploit-
    [CVE-2017-6074]
  28. GitHub: https://github.com/jiayy/android_vuln_poc-exp
    [CVE-2017-6074]
  29. GitHub: https://github.com/kaosagnt/ansible-everyday
    [CVE-2017-6074]
  30. GitHub: https://github.com/qiantu88/Linux--exp
    [CVE-2017-6074]
  31. GitHub: https://github.com/rakjong/LinuxElevation
    [CVE-2017-6074]
  32. GitHub: https://github.com/skbasava/Linux-Kernel-exploit
    [CVE-2017-6074]
  33. GitHub: https://github.com/spencerdodd/kernelpop
    [CVE-2017-6074]
  34. GitHub: https://github.com/xairy/kernel-exploits
    [CVE-2017-6074]
  35. GitHub: https://github.com/xairy/kernel-exploits/tree/master/CVE-2017-6074
    [CVE-2017-6074]
  36. GitHub: https://github.com/xairy/linux-kernel-exploitation
    [CVE-2017-6074]
  37. GitHub: https://github.com/xyongcn/exploit
    [CVE-2017-6074]
  38. GitHub: https://github.com/wcventure/PERIOD
    [CVE-2017-6346]
  39. GitHub: https://github.com/Al1ex/LinuxEelvation
    [CVE-2017-7308]
  40. GitHub: https://github.com/CKmaenn/kernel-exploits
    [CVE-2017-7308]
  41. GitHub: https://github.com/De4dCr0w/Linux-kernel-EoP-exp
    [CVE-2017-7308]
  42. GitHub: https://github.com/Metarget/metarget
    [CVE-2017-7308]
  43. GitHub: https://github.com/R0B1NL1N/Linux-Kernal-Exploits-m-
    [CVE-2017-7308]
  44. GitHub: https://github.com/R0B1NL1N/Linux-Kernel-Exploites
    [CVE-2017-7308]
  45. GitHub: https://github.com/RLee063/RLee063
    [CVE-2017-7308]
  46. GitHub: https://github.com/Snoopy-Sec/Localroot-ALL-CVE
    [CVE-2017-7308]
  47. GitHub: https://github.com/Technoashofficial/kernel-exploitation-linux
    [CVE-2017-7308]
  48. GitHub: https://github.com/amrelsadane123/Ecploit-kernel-4.10-linux-local
    [CVE-2017-7308]
  49. GitHub: https://github.com/anoaghost/Localroot_Compile
    [CVE-2017-7308]
  50. GitHub: https://github.com/bcoles/kernel-exploits
    [CVE-2017-7308]
  51. GitHub: https://github.com/bitdefender/vbh_sample
    [CVE-2017-7308]
  52. GitHub: https://github.com/bsauce/kernel-exploit-factory
    [CVE-2017-7308]
  53. GitHub: https://github.com/bsauce/kernel-security-learning
    [CVE-2017-7308]
  54. GitHub: https://github.com/ferovap/Tools
    [CVE-2017-7308]
  55. GitHub: https://github.com/h4x0r-dz/local-root-exploit-
    [CVE-2017-7308]
  56. GitHub: https://github.com/jiayy/android_vuln_poc-exp
    [CVE-2017-7308]
  57. GitHub: https://github.com/n3t1nv4d3/kernel-exploits
    [CVE-2017-7308]
  58. GitHub: https://github.com/qiantu88/Linux--exp
    [CVE-2017-7308]
  59. GitHub: https://github.com/rakjong/LinuxElevation
    [CVE-2017-7308]
  60. GitHub: https://github.com/skbasava/Linux-Kernel-exploit
    [CVE-2017-7308]
  61. GitHub: https://github.com/spencerdodd/kernelpop
    [CVE-2017-7308]
  62. GitHub: https://github.com/xairy/kernel-exploits
    [CVE-2017-7308]
  63. GitHub: https://github.com/xairy/kernel-exploits/tree/master/CVE-2017-7308
    [CVE-2017-7308]
  64. GitHub: https://github.com/xairy/linux-kernel-exploitation
    [CVE-2017-7308]
  65. GitHub: https://github.com/chanbin/CVE-2017-11882
    [CVE-2017-7374]
  66. GitHub: https://github.com/ictnamanh/CVE-2017-9248
    [CVE-2017-7374]
  67. GitHub: https://github.com/ww9210/cve-2017-7374
    [CVE-2017-7374]

Before running any exploit against any system, make sure you are authorized by the owner of the target system(s) to perform such activity. In any other case, this would be considered as an illegal activity.

WARNING: Beware of using unverified exploits from sources such as GitHub or Exploit-DB. These exploits and PoCs could contain malware. For more information, see how to use exploits safely.

Risk Information

CVSS V2 Vector [?]: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:H/RL:OF/RC:C
CVSS Base Score:7.2 (High)
Impact Subscore:10.0
Exploitability Subscore:3.9
CVSS Temporal Score:6.3 (Medium)
CVSS Environmental Score:NA (None)
Modified Impact Subscore:NA
Overall CVSS Score:6.3 (Medium)
CVSS V3 Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C
CVSS Base Score:7.8 (High)
Impact Subscore:5.9
Exploitability Subscore:1.8
CVSS Temporal Score:7.5 (High)
CVSS Environmental Score:NA (None)
Modified Impact Subscore:NA
Overall CVSS Score:7.5 (High)

Go back to menu.

Plugin Source

This is the suse_SU-2017-1183-1.nasl nessus plugin source code. This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof. 

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2017:1183-1.
# The text itself is copyright (C) SUSE.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(100023);
  script_version("3.12");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id("CVE-2016-10200", "CVE-2016-2117", "CVE-2016-9191", "CVE-2017-2596", "CVE-2017-2671", "CVE-2017-5986", "CVE-2017-6074", "CVE-2017-6214", "CVE-2017-6345", "CVE-2017-6346", "CVE-2017-6347", "CVE-2017-6353", "CVE-2017-7187", "CVE-2017-7261", "CVE-2017-7294", "CVE-2017-7308", "CVE-2017-7374");

  script_name(english:"SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2017:1183-1)");
  script_summary(english:"Checks rpm output for the updated packages.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote SUSE host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The SUSE Linux Enterprise 12 SP2 kernel was updated to 4.4.58 to
receive various security and bugfixes. Notable new/improved features :

  - Improved support for Hyper-V

  - Support for Matrox G200eH3

  - Support for tcp_westwood The following security bugs
    were fixed :

  - CVE-2017-2671: The ping_unhash function in
    net/ipv4/ping.c in the Linux kernel was too late in
    obtaining a certain lock and consequently could not
    ensure that disconnect function calls are safe, which
    allowed local users to cause a denial of service (panic)
    by leveraging access to the protocol value of
    IPPROTO_ICMP in a socket system call (bnc#1031003).

  - CVE-2017-7308: The packet_set_ring function in
    net/packet/af_packet.c in the Linux kernel did not
    properly validate certain block-size data, which allowed
    local users to cause a denial of service (overflow) or
    possibly have unspecified other impact via crafted
    system calls (bnc#1031579).

  - CVE-2017-7294: The vmw_surface_define_ioctl function in
    drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux
    kernel did not validate addition of certain levels data,
    which allowed local users to trigger an integer overflow
    and out-of-bounds write, and cause a denial of service
    (system hang or crash) or possibly gain privileges, via
    a crafted ioctl call for a /dev/dri/renderD* device
    (bnc#1031440).

  - CVE-2017-7261: The vmw_surface_define_ioctl function in
    drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux
    kernel did not check for a zero value of certain levels
    data, which allowed local users to cause a denial of
    service (ZERO_SIZE_PTR dereference, and GPF and possibly
    panic) via a crafted ioctl call for a /dev/dri/renderD*
    device (bnc#1031052).

  - CVE-2017-7187: The sg_ioctl function in
    drivers/scsi/sg.c in the Linux kernel allowed local
    users to cause a denial of service (stack-based buffer
    overflow) or possibly have unspecified other impact via
    a large command size in an SG_NEXT_CMD_LEN ioctl call,
    leading to out-of-bounds write access in the sg_write
    function (bnc#1030213).

  - CVE-2017-7374: Use-after-free vulnerability in
    fs/crypto/ in the Linux kernel allowed local users to
    cause a denial of service (NULL pointer dereference) or
    possibly gain privileges by revoking keyring keys being
    used for ext4, f2fs, or ubifs encryption, causing
    cryptographic transform objects to be freed prematurely
    (bnc#1032006).

  - CVE-2016-10200: Race condition in the L2TPv3 IP
    Encapsulation feature in the Linux kernel allowed local
    users to gain privileges or cause a denial of service
    (use-after-free) by making multiple bind system calls
    without properly ascertaining whether a socket has the
    SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and
    net/l2tp/l2tp_ip6.c (bnc#1028415).

  - CVE-2017-6345: The LLC subsystem in the Linux kernel did
    not ensure that a certain destructor exists in required
    circumstances, which allowed local users to cause a
    denial of service (BUG_ON) or possibly have unspecified
    other impact via crafted system calls (bnc#1027190).

  - CVE-2017-6346: Race condition in net/packet/af_packet.c
    in the Linux kernel allowed local users to cause a
    denial of service (use-after-free) or possibly have
    unspecified other impact via a multithreaded application
    that made PACKET_FANOUT setsockopt system calls
    (bnc#1027189).

  - CVE-2017-6353: net/sctp/socket.c in the Linux kernel did
    not properly restrict association peel-off operations
    during certain wait states, which allowed local users to
    cause a denial of service (invalid unlock and double
    free) via a multithreaded application. NOTE: this
    vulnerability exists because of an incorrect fix for
    CVE-2017-5986 (bnc#1027066).

  - CVE-2017-6214: The tcp_splice_read function in
    net/ipv4/tcp.c in the Linux kernel allowed remote
    attackers to cause a denial of service (infinite loop
    and soft lockup) via vectors involving a TCP packet with
    the URG flag (bnc#1026722).

  - CVE-2016-2117: The atl2_probe function in
    drivers/net/ethernet/atheros/atlx/atl2.c in the Linux
    kernel incorrectly enables scatter/gather I/O, which
    allowed remote attackers to obtain sensitive information
    from kernel memory by reading packet data (bnc#968697).

  - CVE-2017-6347: The ip_cmsg_recv_checksum function in
    net/ipv4/ip_sockglue.c in the Linux kernel had incorrect
    expectations about skb data layout, which allowed local
    users to cause a denial of service (buffer over-read) or
    possibly have unspecified other impact via crafted
    system calls, as demonstrated by use of the MSG_MORE
    flag in conjunction with loopback UDP transmission
    (bnc#1027179).

  - CVE-2016-9191: The cgroup offline implementation in the
    Linux kernel mishandled certain drain operations, which
    allowed local users to cause a denial of service (system
    hang) by leveraging access to a container environment
    for executing a crafted application (bnc#1008842).

  - CVE-2017-2596: The nested_vmx_check_vmptr function in
    arch/x86/kvm/vmx.c in the Linux kernel improperly
    emulated the VMXON instruction, which allowed KVM L1
    guest OS users to cause a denial of service (host OS
    memory consumption) by leveraging the mishandling of
    page references (bnc#1022785).

  - CVE-2017-6074: The dccp_rcv_state_process function in
    net/dccp/input.c in the Linux kernel mishandled
    DCCP_PKT_REQUEST packet data structures in the LISTEN
    state, which allowed local users to obtain root
    privileges or cause a denial of service (double free)
    via an application that made an IPV6_RECVPKTINFO
    setsockopt system call (bnc#1026024).

The update package also includes non-security fixes. See advisory for
details.

Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1007959"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1007962"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1008842"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1010032"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1011913"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1012382"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1012910"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1013994"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1014136"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1015609"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1017461"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1017641"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1018263"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1018419"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1019163"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1019614"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1019618"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1020048"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1021762"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1022340"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1022785"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1023866"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1024015"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1025683"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1026024"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1026405"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1026462"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1026505"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1026509"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1026692"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1026722"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1027054"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1027066"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1027153"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1027179"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1027189"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1027190"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1027195"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1027273"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1027616"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1028017"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1028027"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1028041"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1028158"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1028217"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1028325"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1028415"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1028819"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1028895"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1029220"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1029514"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1029634"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1029986"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1030118"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1030213"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1031003"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1031052"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1031200"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1031206"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1031208"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1031440"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1031481"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1031579"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1031660"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1031662"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1031717"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1031831"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1032006"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1032673"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=1032681"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=897662"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=951844"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=968697"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=969755"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=970083"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=977572"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=977860"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=978056"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=980892"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=981634"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=982783"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=987899"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=988281"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=991173"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.suse.com/show_bug.cgi?id=998106"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2016-10200/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2016-2117/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2016-9191/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-2596/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-2671/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-6074/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-6214/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-6345/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-6346/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-6347/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-6353/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-7187/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-7261/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-7294/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-7308/"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://www.suse.com/security/cve/CVE-2017-7374/"
  );
  # https://www.suse.com/support/update/announcement/2017/suse-su-20171183-1/
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?e163b69f"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Workstation Extension 12-SP2:zypper in -t patch
SUSE-SLE-WE-12-SP2-2017-697=1

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t
patch SUSE-SLE-SDK-12-SP2-2017-697=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t
patch SUSE-SLE-RPI-12-SP2-2017-697=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch
SUSE-SLE-SERVER-12-SP2-2017-697=1

SUSE Linux Enterprise Live Patching 12:zypper in -t patch
SUSE-SLE-Live-Patching-12-2017-697=1

SUSE Linux Enterprise High Availability 12-SP2:zypper in -t patch
SUSE-SLE-HA-12-SP2-2017-697=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch
SUSE-SLE-DESKTOP-12-SP2-2017-697=1

OpenStack Cloud Magnum Orchestration 7:zypper in -t patch
SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-697=1

To bring your system up-to-date, use 'zypper patch'."
  );
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'AF_PACKET packet_set_ring Privilege Escalation');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-extra");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-syms");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");

  script_set_attribute(attribute:"vuln_publication_date", value:"2016/05/02");
  script_set_attribute(attribute:"patch_publication_date", value:"2017/05/05");
  script_set_attribute(attribute:"plugin_publication_date", value:"2017/05/08");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLED12|SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED12 / SLES12", "SUSE " + os_ver);

if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
if (cpu >!< "x86_64") audit(AUDIT_ARCH_NOT, "x86_64", cpu);


sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES12" && (! preg(pattern:"^(2)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP2", os_ver + " SP" + sp);
if (os_ver == "SLED12" && (! preg(pattern:"^(2)$", string:sp))) audit(AUDIT_OS_NOT, "SLED12 SP2", os_ver + " SP" + sp);


flag = 0;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"kernel-default-4.4.59-92.17.3")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"kernel-default-base-4.4.59-92.17.3")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"kernel-default-base-debuginfo-4.4.59-92.17.3")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"kernel-default-debuginfo-4.4.59-92.17.3")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"kernel-default-debugsource-4.4.59-92.17.3")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"kernel-default-devel-4.4.59-92.17.3")) flag++;
if (rpm_check(release:"SLES12", sp:"2", cpu:"x86_64", reference:"kernel-syms-4.4.59-92.17.2")) flag++;
if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"kernel-default-4.4.59-92.17.3")) flag++;
if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"kernel-default-debuginfo-4.4.59-92.17.3")) flag++;
if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"kernel-default-debugsource-4.4.59-92.17.3")) flag++;
if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"kernel-default-devel-4.4.59-92.17.3")) flag++;
if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"kernel-default-extra-4.4.59-92.17.3")) flag++;
if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"kernel-default-extra-debuginfo-4.4.59-92.17.3")) flag++;
if (rpm_check(release:"SLED12", sp:"2", cpu:"x86_64", reference:"kernel-syms-4.4.59-92.17.2")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel");
}

The latest version of this script can be found in these locations depending on your platform:

  • Linux / Unix:
    /opt/nessus/lib/nessus/plugins/suse_SU-2017-1183-1.nasl
  • Windows:
    C:\ProgramData\Tenable\Nessus\nessus\plugins\suse_SU-2017-1183-1.nasl
  • Mac OS X:
    /Library/Nessus/run/lib/nessus/plugins/suse_SU-2017-1183-1.nasl

Go back to menu.

How to Run

Here is how to run the SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2017:1183-1) as a standalone plugin via the Nessus web user interface (https://localhost:8834/):

  1. Click to start a New Scan.
  2. Select Advanced Scan.
  3. Navigate to the Plugins tab.
  4. On the top right corner click to Disable All plugins.
  5. On the left side table select SuSE Local Security Checks plugin family.
  6. On the right side table select SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2017:1183-1) plugin ID 100023.
  7. Specify the target on the Settings tab and click to Save the scan.
  8. Run the scan.

Here are a few examples of how to run the plugin in the command line. Note that the examples below demonstrate the usage on the Linux / Unix platform.

Basic usage:

/opt/nessus/bin/nasl suse_SU-2017-1183-1.nasl -t <IP/HOST>

Run the plugin with audit trail message on the console:

/opt/nessus/bin/nasl -a suse_SU-2017-1183-1.nasl -t <IP/HOST>

Run the plugin with trace script execution written to the console (useful for debugging):

/opt/nessus/bin/nasl -T - suse_SU-2017-1183-1.nasl -t <IP/HOST>

Run the plugin with using a state file for the target and updating it (useful for running multiple plugins on the target):

/opt/nessus/bin/nasl -K /tmp/state suse_SU-2017-1183-1.nasl -t <IP/HOST>

Go back to menu.

References

See also: Similar and related Nessus plugins:
  • 100044 - openSUSE Security Update : the Linux Kernel (openSUSE-2017-562)
  • 100106 - Amazon Linux AMI : kernel (ALAS-2017-828)
  • 100143 - RHEL 6 / 7 : rhev-hypervisor (RHSA-2017:1209)
  • 100150 - SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1247-1)
  • 100206 - SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1278-1)
  • 100207 - SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1281-1)
  • 100209 - SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1285-1)
  • 100210 - SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1287-1)
  • 100211 - SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1291-1)
  • 100212 - SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1299-1)
  • 100213 - SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1300-1)
  • 100214 - SUSE SLES11 Security Update : kernel (SUSE-SU-2017:1301-1)
  • 100215 - SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1302-1)
  • 100234 - Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3566)
  • 100235 - Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2017-3567)
  • 100237 - OracleVM 3.3 : Unbreakable / etc (OVMSA-2017-0105)
  • 100238 - OracleVM 3.2 : Unbreakable / etc (OVMSA-2017-0106)

Version

This page has been produced using Nessus Professional 10.1.2 (#68) LINUX, Plugin set 202205072148.
Plugin file suse_SU-2017-1183-1.nasl version 3.12. For more plugins, visit the Nessus Plugin Library.

Go back to menu.