openSUSE Security Update : the Linux Kernel (openSUSE-2016-753) - Nessus

Critical   Plugin ID: 91736

This page contains detailed information about the openSUSE Security Update : the Linux Kernel (openSUSE-2016-753) Nessus plugin, including available exploits and PoCs found on GitHub, in Metasploit or Exploit-DB for verifying this vulnerability.

Plugin Overview


ID: 91736
Name: openSUSE Security Update : the Linux Kernel (openSUSE-2016-753)
Filename: openSUSE-2016-753.nasl
Vulnerability Published: N/A
This Plugin Published: 2016-06-22
Last Modification Time: 2021-01-19
Plugin Version: 2.9
Plugin Type: local
Plugin Family: SuSE Local Security Checks
Dependencies: ssh_get_info.nasl
Required KB Items: Host/cpu, Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list

Vulnerability Information


Severity: Critical
Vulnerability Published: N/A
Patch Published: 2016-06-21
CVE: CVE-2013-7446, CVE-2016-0758, CVE-2016-1583, CVE-2016-2053, CVE-2016-3134, CVE-2016-3672, CVE-2016-3955, CVE-2016-4482, CVE-2016-4485, CVE-2016-4486, CVE-2016-4557, CVE-2016-4565, CVE-2016-4569, CVE-2016-4578, CVE-2016-4580, CVE-2016-4581, CVE-2016-4805, CVE-2016-4951, CVE-2016-5244
CPE: cpe:/o:novell:opensuse:42.1, p-cpe:/a:novell:opensuse:kernel-debug, p-cpe:/a:novell:opensuse:kernel-debug-base, p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-debug-debuginfo, p-cpe:/a:novell:opensuse:kernel-debug-debugsource, p-cpe:/a:novell:opensuse:kernel-debug-devel, p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo, p-cpe:/a:novell:opensuse:kernel-default, p-cpe:/a:novell:opensuse:kernel-default-base, p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-default-debuginfo, p-cpe:/a:novell:opensuse:kernel-default-debugsource, p-cpe:/a:novell:opensuse:kernel-default-devel, p-cpe:/a:novell:opensuse:kernel-devel, p-cpe:/a:novell:opensuse:kernel-docs-html, p-cpe:/a:novell:opensuse:kernel-docs-pdf, p-cpe:/a:novell:opensuse:kernel-ec2, p-cpe:/a:novell:opensuse:kernel-ec2-base, p-cpe:/a:novell:opensuse:kernel-ec2-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-ec2-debuginfo, p-cpe:/a:novell:opensuse:kernel-ec2-debugsource, p-cpe:/a:novell:opensuse:kernel-ec2-devel, p-cpe:/a:novell:opensuse:kernel-macros, p-cpe:/a:novell:opensuse:kernel-obs-build, p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource, p-cpe:/a:novell:opensuse:kernel-obs-qa, p-cpe:/a:novell:opensuse:kernel-obs-qa-xen, p-cpe:/a:novell:opensuse:kernel-pae, p-cpe:/a:novell:opensuse:kernel-pae-base, p-cpe:/a:novell:opensuse:kernel-pae-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-pae-debuginfo, p-cpe:/a:novell:opensuse:kernel-pae-debugsource, p-cpe:/a:novell:opensuse:kernel-pae-devel, p-cpe:/a:novell:opensuse:kernel-pv, p-cpe:/a:novell:opensuse:kernel-pv-base, p-cpe:/a:novell:opensuse:kernel-pv-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-pv-debuginfo, p-cpe:/a:novell:opensuse:kernel-pv-debugsource, p-cpe:/a:novell:opensuse:kernel-pv-devel, p-cpe:/a:novell:opensuse:kernel-source, p-cpe:/a:novell:opensuse:kernel-source-vanilla, p-cpe:/a:novell:opensuse:kernel-syms, p-cpe:/a:novell:opensuse:kernel-vanilla, p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo, p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource, p-cpe:/a:novell:opensuse:kernel-vanilla-devel, p-cpe:/a:novell:opensuse:kernel-xen, p-cpe:/a:novell:opensuse:kernel-xen-base, p-cpe:/a:novell:opensuse:kernel-xen-base-debuginfo, p-cpe:/a:novell:opensuse:kernel-xen-debuginfo, p-cpe:/a:novell:opensuse:kernel-xen-debugsource, p-cpe:/a:novell:opensuse:kernel-xen-devel

Synopsis

The remote openSUSE host is missing a security update.

Description

The openSUSE Leap 42.1 kernel was updated to 4.1.26 to receive various security and bug fixes.

The following security bugs were fixed :

- CVE-2016-1583: Prevent the usage of mmap when the lower file system does not allow it. This could have led to local privilege escalation when ecryptfs-utils was installed and /sbin/mount.ecryptfs_private was setuid (bsc#983143).

- CVE-2016-4565: The InfiniBand (aka IB) stack in the Linux kernel incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface. (bsc#979548)

- CVE-2016-4805: Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel allowed local users to cause a denial of service (memory corruption and system crash, or spinlock) or possibly have unspecified other impact by removing a network namespace, related to the ppp_register_net_channel and ppp_unregister_channel functions. (bsc#980371).

- CVE-2016-4951: The tipc_nl_publ_dump function in net/tipc/socket.c in the Linux kernel did not verify socket existence, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a dumpit operation. (bsc#981058).

- CVE-2016-5244: An information leak vulnerability in function rds_inc_info_copy of file net/rds/recv.c was fixed that might have leaked kernel stack data. (bsc#983213).

- CVE-2016-4580: The x25_negotiate_facilities function in net/x25/x25_facilities.c in the Linux kernel did not properly initialize a certain data structure, which allowed attackers to obtain sensitive information from kernel stack memory via an X.25 Call Request. (bsc#981267).

- CVE-2016-0758: Tags with indefinite length could have corrupted pointers in asn1_find_indefinite_length (bsc#979867).

- CVE-2016-2053: The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel allowed attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c (bnc#963762).

- CVE-2013-7446: Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel allowed local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls (bnc#955654).

- CVE-2016-3134: The netfilter subsystem in the Linux kernel did not validate certain offset fields, which allowed local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call (bnc#971126).

- CVE-2016-3672: The arch_pick_mmap_layout function in arch/x86/mm/mmap.c in the Linux kernel did not properly randomize the legacy base address, which made it easier for local users to defeat the intended restrictions on the ADDR_NO_RANDOMIZE flag, and bypass the ASLR protection mechanism for a setuid or setgid program, by disabling stack-consumption resource limits (bnc#974308).

- CVE-2016-4482: A kernel information leak in the usbfs devio connectinfo was fixed, which could expose kernel stack memory to userspace. (bnc#978401).

- CVE-2016-4485: A kernel information leak in llc was fixed (bsc#978821).

- CVE-2016-4486: A kernel information leak in rtnetlink was fixed, where 4 uninitialized bytes could leak to userspace (bsc#978822).

- CVE-2016-4557: A use-after-free via double-fdput in replace_map_fd_with_map_ptr() was fixed, which could allow privilege escalation (bsc#979018).

- CVE-2016-4565: When the 'rdma_ucm' infiniband module is loaded, local attackers could escalate their privileges (bsc#979548).

- CVE-2016-4569: A kernel information leak in the ALSA timer via events via snd_timer_user_tinterrupt that could leak information to userspace was fixed (bsc#979213).

- CVE-2016-4578: A kernel information leak in the ALSA timer via events that could leak information to userspace was fixed (bsc#979879).

- CVE-2016-4581: If the first propagated mount copy was a slave, it could oops the kernel (bsc#979913).

The following non-security bugs were fixed :

- ALSA: hda - Add dock support for ThinkPad X260 (boo#979278).

- ALSA: hda - Apply fix for white noise on Asus N550JV, too (boo#979278).

- ALSA: hda - Asus N750JV external subwoofer fixup (boo#979278).

- ALSA: hda - Fix broken reconfig (boo#979278).

- ALSA: hda - Fix headphone mic input on a few Dell ALC293 machines (boo#979278).

- ALSA: hda - Fix subwoofer pin on ASUS N751 and N551 (boo#979278).

- ALSA: hda - Fix white noise on Asus N750JV headphone (boo#979278).

- ALSA: hda - Fix white noise on Asus UX501VW headset (boo#979278).

- ALSA: hda/realtek - Add ALC3234 headset mode for Optiplex 9020m (boo#979278).

- ALSA: hda/realtek - New codecs support for ALC234/ALC274/ALC294 (boo#979278).

- ALSA: hda/realtek - New codec support of ALC225 (boo#979278).

- ALSA: hda/realtek - Support headset mode for ALC225 (boo#979278).

- ALSA: pcxhr: Fix missing mutex unlock (boo#979278).

- ALSA: usb-audio: Quirk for yet another Phoenix Audio devices (v2) (boo#979278).

- bluetooth: fix power_on vs close race (bsc#966849).

- bluetooth: vhci: fix open_timeout vs. hdev race (bsc#971799,bsc#966849).

- bluetooth: vhci: Fix race at creating hci device (bsc#971799,bsc#966849).

- bluetooth: vhci: purge unhandled skbs (bsc#971799,bsc#966849).

- btrfs: do not use src fd for printk (bsc#980348).

- btrfs: fix crash/invalid memory access on fsync when using overlayfs (bsc#977198)

- drm: qxl: Workaround for buggy user-space (bsc#981344).

- enic: set netdev->vlan_features (bsc#966245).

- fs: add file_dentry() (bsc#977198).

- IB/IPoIB: Do not set skb truesize since using one linearskb (bsc#980657).

- input: i8042 - lower log level for 'no controller' message (bsc#945345).

- kabi: Add kabi/severities entries to ignore sound/hda/*, x509_*, efivar_validate, file_open_root and dax_fault

- kabi: Add some fixups (module, pci_dev, drm, fuse and thermal)

- kabi: file_dentry changes (bsc#977198).

- kABI fixes for 4.1.22

- mm/page_alloc.c: calculate 'available' memory in a separate function (bsc#982239).

- net: disable fragment reassembly if high_thresh is zero (bsc#970506).

- of: iommu: Silence misleading warning.

- pstore_register() error handling was wrong -- it tried to release lock before it's acquired, causing spinlock / preemption imbalance.

- usb: quirk to stop runtime PM for Intel 7260 (bnc#984460).

- Revert 'usb: hub: do not clear BOS field during reset device' (boo#979728).

- usb: core: hub: hub_port_init lock controller instead of bus (bnc#978073).

- usb: preserve kABI in address0 locking (bnc#978073).

- usb: usbip: fix potential out-of-bounds write (bnc#975945).

- USB: xhci: Add broken streams quirk for Frescologic device id 1009 (bnc#982712).

- virtio_balloon: do not change memory amount visible via /proc/meminfo (bsc#982238).

- virtio_balloon: export 'available' memory to balloon statistics (bsc#982239).

Solution

Update the affected Linux Kernel packages.

Public Exploits


Target Network Port(s): N/A
Target Asset(s): N/A
Exploit Available: True (Metasploit Framework, Exploit-DB, GitHub)
Exploit Ease: Exploits are available

Here's the list of publicly known exploits and PoCs for verifying the openSUSE Security Update : the Linux Kernel (openSUSE-2016-753) vulnerability:

  1. Metasploit: exploit/linux/local/bpf_priv_esc
    [Linux BPF doubleput UAF Privilege Escalation]
  2. Exploit-DB: exploits/linux_x86/dos/39669.txt
    [EDB-39669: Linux Kernel (x86) - Disable ASLR by Setting the RLIMIT_STACK Resource to Unlimited]
  3. Exploit-DB: exploits/linux/dos/46529.c
    [EDB-46529: Linux Kernel 4.4 (Ubuntu 16.04) - 'snd_timer_user_ccallback()' Kernel Pointer Leak]
  4. Exploit-DB: exploits/linux/local/40759.rb
    [EDB-40759: Linux Kernel 4.4 (Ubuntu 16.04) - 'BPF' Local Privilege Escalation (Metasploit)]
  5. Exploit-DB: exploits/linux/local/46006.c
    [EDB-46006: Linux Kernel 4.4 - 'rtnetlink' Stack Memory Disclosure]
  6. Exploit-DB: exploits/hardware/remote/47067.py
    [EDB-47067: FaceSentry Access Control System 6.4.8 - Remote SSH Root]
  7. Exploit-DB: exploits/hardware/remote/47625.py
    [EDB-47625: eMerge E3 Access Controller 4.6.07 - Remote Code Execution]
  8. GitHub: https://github.com/mudongliang/LinuxFlaw/tree/master/CVE-2013-7446
    [CVE-2013-7446]
  9. GitHub: https://github.com/andrewwebber/kate
    [CVE-2016-0758]
  10. GitHub: https://github.com/Technoashofficial/kernel-exploitation-linux
    [CVE-2016-1583]
  11. GitHub: https://github.com/skbasava/Linux-Kernel-exploit
    [CVE-2016-1583]
  12. GitHub: https://github.com/xairy/linux-kernel-exploitation
    [CVE-2016-1583]
  13. GitHub: https://github.com/bcoles/kasld
    [CVE-2016-4486]
  14. GitHub: https://github.com/dylandreimerink/gobpfld
    [CVE-2016-4557]
  15. GitHub: https://github.com/mudongliang/LinuxFlaw/tree/master/CVE-2016-4557
    [CVE-2016-4557]
  16. GitHub: https://github.com/bcoles/kasld
    [CVE-2016-4569]
  17. GitHub: https://github.com/pqsec/uboatdemo
    [CVE-2016-3955: A demo server for CVE-2016-3955 (UBOAT)]

Before running any exploit against any system, make sure you are authorized by the owner of the target system(s) to perform such activity. In any other case, this would be considered an illegal activity.

WARNING: Beware of using unverified exploits from sources such as GitHub or Exploit-DB. These exploits and PoCs could contain malware. For more information, see how to use exploits safely.

Risk Information


CVSS V2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C
CVSS Base Score: 10.0 (High)
Impact Subscore: 10.0
Exploitability Subscore: 10.0
CVSS Temporal Score: 8.3 (High)
CVSS Environmental Score: NA (None)
Modified Impact Subscore: NA
Overall CVSS Score: 8.3 (High)
CVSS V3 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
CVSS Base Score: 9.8 (Critical)
Impact Subscore: 5.9
Exploitability Subscore: 3.9
CVSS Temporal Score: 9.1 (Critical)
CVSS Environmental Score: NA (None)
Modified Impact Subscore: NA
Overall CVSS Score: 9.1 (Critical)


Plugin Source


This is the openSUSE-2016-753.nasl nessus plugin source code. This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2016-753.
#
# The text description of this plugin is (C) SUSE LLC.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(91736);
  script_version("2.9");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  script_cve_id("CVE-2013-7446", "CVE-2016-0758", "CVE-2016-1583", "CVE-2016-2053", "CVE-2016-3134", "CVE-2016-3672", "CVE-2016-3955", "CVE-2016-4482", "CVE-2016-4485", "CVE-2016-4486", "CVE-2016-4557", "CVE-2016-4565", "CVE-2016-4569", "CVE-2016-4578", "CVE-2016-4580", "CVE-2016-4581", "CVE-2016-4805", "CVE-2016-4951", "CVE-2016-5244");

  script_name(english:"openSUSE Security Update : the Linux Kernel (openSUSE-2016-753)");
  script_summary(english:"Check for the openSUSE-2016-753 patch");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The openSUSE Leap 42.1 kernel was updated to 4.1.26 to receive various
security and bugfixes.

The following security bugs were fixed :

  - CVE-2016-1583: Prevent the usage of mmap when the lower
    file system does not allow it. This could have lead to
    local privilege escalation when ecryptfs-utils was
    installed and /sbin/mount.ecryptfs_private was setuid
    (bsc#983143).

  - CVE-2016-4565: The InfiniBand (aka IB) stack in the
    Linux kernel incorrectly relies on the write system
    call, which allows local users to cause a denial of
    service (kernel memory write operation) or possibly have
    unspecified other impact via a uAPI interface.
    (bsc#979548)

  - CVE-2016-4805: Use-after-free vulnerability in
    drivers/net/ppp/ppp_generic.c in the Linux kernel
    allowed local users to cause a denial of service (memory
    corruption and system crash, or spinlock) or possibly
    have unspecified other impact by removing a network
    namespace, related to the ppp_register_net_channel and
    ppp_unregister_channel functions. (bsc#980371).

  - CVE-2016-4951: The tipc_nl_publ_dump function in
    net/tipc/socket.c in the Linux kernel did not verify
    socket existence, which allowed local users to cause a
    denial of service (NULL pointer dereference and system
    crash) or possibly have unspecified other impact via a
    dumpit operation. (bsc#981058).

  - CVE-2016-5244: An information leak vulnerability in
    function rds_inc_info_copy of file net/rds/recv.c was
    fixed that might have leaked kernel stack data.
    (bsc#983213).

  - CVE-2016-4580: The x25_negotiate_facilities function in
    net/x25/x25_facilities.c in the Linux kernel did not
    properly initialize a certain data structure, which
    allowed attackers to obtain sensitive information from
    kernel stack memory via an X.25 Call Request.
    (bsc#981267).

  - CVE-2016-0758: Tags with indefinite length could have
    corrupted pointers in asn1_find_indefinite_length
    (bsc#979867).

  - CVE-2016-2053: The asn1_ber_decoder function in
    lib/asn1_decoder.c in the Linux kernel allowed attackers
    to cause a denial of service (panic) via an ASN.1 BER
    file that lacks a public key, leading to mishandling by
    the public_key_verify_signature function in
    crypto/asymmetric_keys/public_key.c (bnc#963762).

  - CVE-2013-7446: Use-after-free vulnerability in
    net/unix/af_unix.c in the Linux kernel allowed local
    users to bypass intended AF_UNIX socket permissions or
    cause a denial of service (panic) via crafted epoll_ctl
    calls (bnc#955654).

  - CVE-2016-3134: The netfilter subsystem in the Linux
    kernel did not validate certain offset fields, which
    allowed local users to gain privileges or cause a denial
    of service (heap memory corruption) via an
    IPT_SO_SET_REPLACE setsockopt call (bnc#971126).

  - CVE-2016-3672: The arch_pick_mmap_layout function in
    arch/x86/mm/mmap.c in the Linux kernel did not properly
    randomize the legacy base address, which made it easier
    for local users to defeat the intended restrictions on
    the ADDR_NO_RANDOMIZE flag, and bypass the ASLR
    protection mechanism for a setuid or setgid program, by
    disabling stack-consumption resource limits
    (bnc#974308).

  - CVE-2016-4482: A kernel information leak in the usbfs
    devio connectinfo was fixed, which could expose kernel
    stack memory to userspace. (bnc#978401).

  - CVE-2016-4485: A kernel information leak in llc was
    fixed (bsc#978821).

  - CVE-2016-4486: A kernel information leak in rtnetlink
    was fixed, where 4 uninitialized bytes could leak to
    userspace (bsc#978822).

  - CVE-2016-4557: A use-after-free via double-fdput in
    replace_map_fd_with_map_ptr() was fixed, which could
    allow privilege escalation (bsc#979018).

  - CVE-2016-4565: When the 'rdma_ucm' infiniband module is
    loaded, local attackers could escalate their privileges
    (bsc#979548).

  - CVE-2016-4569: A kernel information leak in the ALSA
    timer via events via snd_timer_user_tinterrupt that
    could leak information to userspace was fixed
    (bsc#979213).

  - CVE-2016-4578: A kernel information leak in the ALSA
    timer via events that could leak information to
    userspace was fixed (bsc#979879).

  - CVE-2016-4581: If the first propogated mount copy was
    being a slave it could oops the kernel (bsc#979913)

The following non-security bugs were fixed :

  - ALSA: hda - Add dock support for ThinkPad X260
    (boo#979278).

  - ALSA: hda - Apply fix for white noise on Asus N550JV,
    too (boo#979278).

  - ALSA: hda - Asus N750JV external subwoofer fixup
    (boo#979278).

  - ALSA: hda - Fix broken reconfig (boo#979278).

  - ALSA: hda - Fix headphone mic input on a few Dell ALC293
    machines (boo#979278).

  - ALSA: hda - Fix subwoofer pin on ASUS N751 and N551
    (boo#979278).

  - ALSA: hda - Fix white noise on Asus N750JV headphone
    (boo#979278).

  - ALSA: hda - Fix white noise on Asus UX501VW headset
    (boo#979278).

  - ALSA: hda/realtek - Add ALC3234 headset mode for
    Optiplex 9020m (boo#979278).

  - ALSA: hda/realtek - New codecs support for
    ALC234/ALC274/ALC294 (boo#979278).

  - ALSA: hda/realtek - New codec support of ALC225
    (boo#979278).

  - ALSA: hda/realtek - Support headset mode for ALC225
    (boo#979278).

  - ALSA: pcxhr: Fix missing mutex unlock (boo#979278).

  - ALSA: usb-audio: Quirk for yet another Phoenix Audio
    devices (v2) (boo#979278).

  - bluetooth: fix power_on vs close race (bsc#966849).

  - bluetooth: vhci: fix open_timeout vs. hdev race
    (bsc#971799,bsc#966849).

  - bluetooth: vhci: Fix race at creating hci device
    (bsc#971799,bsc#966849).

  - bluetooth: vhci: purge unhandled skbs
    (bsc#971799,bsc#966849).

  - btrfs: do not use src fd for printk (bsc#980348).

  - btrfs: fix crash/invalid memory access on fsync when
    using overlayfs (bsc#977198)

  - drm: qxl: Workaround for buggy user-space (bsc#981344).

  - enic: set netdev->vlan_features (bsc#966245).

  - fs: add file_dentry() (bsc#977198).

  - IB/IPoIB: Do not set skb truesize since using one
    linearskb (bsc#980657).

  - input: i8042 - lower log level for 'no controller'
    message (bsc#945345).

  - kabi: Add kabi/severities entries to ignore sound/hda/*,
    x509_*, efivar_validate, file_open_root and dax_fault

  - kabi: Add some fixups (module, pci_dev, drm, fuse and
    thermal)

  - kabi: file_dentry changes (bsc#977198).

  - kABI fixes for 4.1.22

  - mm/page_alloc.c: calculate 'available' memory in a
    separate function (bsc#982239).

  - net: disable fragment reassembly if high_thresh is zero
    (bsc#970506).

  - of: iommu: Silence misleading warning.

  - pstore_register() error handling was wrong -- it tried
    to release lock before it's acquired, causing spinlock /
    preemption imbalance. - usb: quirk to stop runtime PM
    for Intel 7260 (bnc#984460).

  - Revert 'usb: hub: do not clear BOS field during reset
    device' (boo#979728).

  - usb: core: hub: hub_port_init lock controller instead of
    bus (bnc#978073).

  - usb: preserve kABI in address0 locking (bnc#978073).

  - usb: usbip: fix potential out-of-bounds write
    (bnc#975945).

  - USB: xhci: Add broken streams quirk for Frescologic
    device id 1009 (bnc#982712).

  - virtio_balloon: do not change memory amount visible via
    /proc/meminfo (bsc#982238).

  - virtio_balloon: export 'available' memory to balloon
    statistics (bsc#982239)."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=945345"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=955654"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=963762"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=966245"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=966849"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=970506"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=971126"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=971799"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=973570"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=974308"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=975945"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=977198"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=978073"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=978401"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=978821"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=978822"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=979018"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=979213"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=979278"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=979548"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=979728"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=979867"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=979879"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=979913"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=980348"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=980371"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=980657"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=981058"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=981267"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=981344"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=982238"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=982239"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=982712"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=983143"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=983213"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=984460"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected the Linux Kernel packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Linux BPF doubleput UAF Privilege Escalation');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug-base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default-base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-docs-html");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-docs-pdf");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-ec2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-ec2-base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-ec2-base-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-ec2-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-ec2-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-ec2-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-macros");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-obs-build");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-obs-qa");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-obs-qa-xen");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pae");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pae-base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pae-base-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pae-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pae-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pae-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pv");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pv-base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pv-base-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pv-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pv-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-pv-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-source");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-source-vanilla");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-syms");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-xen");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-xen-base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-xen-base-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-xen-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-xen-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-xen-devel");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:42.1");

  script_set_attribute(attribute:"patch_publication_date", value:"2016/06/21");
  script_set_attribute(attribute:"plugin_publication_date", value:"2016/06/22");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE42\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "42.1", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE42.1", reference:"kernel-default-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"kernel-default-base-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"kernel-default-base-debuginfo-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"kernel-default-debuginfo-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"kernel-default-debugsource-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"kernel-default-devel-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"kernel-devel-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"kernel-docs-html-4.1.26-21.2") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"kernel-docs-pdf-4.1.26-21.2") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"kernel-macros-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"kernel-obs-build-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"kernel-obs-build-debugsource-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"kernel-obs-qa-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"kernel-obs-qa-xen-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"kernel-source-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"kernel-source-vanilla-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", reference:"kernel-syms-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-debug-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-debug-base-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-debug-base-debuginfo-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-debug-debuginfo-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-debug-debugsource-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-debug-devel-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-debug-devel-debuginfo-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-ec2-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-ec2-base-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-ec2-base-debuginfo-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-ec2-debuginfo-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-ec2-debugsource-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-ec2-devel-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-pae-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-pae-base-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-pae-base-debuginfo-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-pae-debuginfo-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-pae-debugsource-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-pae-devel-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-pv-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-pv-base-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-pv-base-debuginfo-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-pv-debuginfo-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-pv-debugsource-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-pv-devel-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-vanilla-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-vanilla-debuginfo-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-vanilla-debugsource-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-vanilla-devel-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-xen-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-xen-base-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-xen-base-debuginfo-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-xen-debuginfo-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-xen-debugsource-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"i686", reference:"kernel-xen-devel-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-debug-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-debug-base-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-debug-base-debuginfo-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-debug-debuginfo-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-debug-debugsource-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-debug-devel-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-debug-devel-debuginfo-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-ec2-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-ec2-base-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-ec2-base-debuginfo-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-ec2-debuginfo-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-ec2-debugsource-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-ec2-devel-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-pae-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-pae-base-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-pae-base-debuginfo-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-pae-debuginfo-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-pae-debugsource-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-pae-devel-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-pv-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-pv-base-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-pv-base-debuginfo-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-pv-debuginfo-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-pv-debugsource-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-pv-devel-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-vanilla-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-vanilla-debuginfo-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-vanilla-debugsource-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-vanilla-devel-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-xen-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-xen-base-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-xen-base-debuginfo-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-xen-debuginfo-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-xen-debugsource-4.1.26-21.1") ) flag++;
if ( rpm_check(release:"SUSE42.1", cpu:"x86_64", reference:"kernel-xen-devel-4.1.26-21.1") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel-debug / kernel-debug-base / kernel-debug-base-debuginfo / etc");
}
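
The comparison the `rpm_check()` calls above express, as an added Python example that is not Tenable's code: an installed package is reported when its version-release sorts below the fixed build for its name. The `rpmvercmp` here is a simplified re-implementation (no epoch, `~` or `^` handling), `FIXED` holds a subset of the plugin's references, and the package list is constructed sample data.

```python
import re

# Fixed version-release per package, copied from the plugin's rpm_check() calls
# (subset; note the docs packages carry release 21.2, not 21.1).
FIXED = {
    "kernel-default": "4.1.26-21.1",
    "kernel-default-devel": "4.1.26-21.1",
    "kernel-devel": "4.1.26-21.1",
    "kernel-source": "4.1.26-21.1",
    "kernel-syms": "4.1.26-21.1",
    "kernel-docs-html": "4.1.26-21.2",
}

def rpmvercmp(a, b):
    """Simplified rpm ordering of two version or release strings: -1, 0 or 1.
    Assumption: no epoch and no '~' or '^' markers in the input."""
    sa = re.findall(r"\d+|[A-Za-z]+", a)   # runs of digits or letters
    sb = re.findall(r"\d+|[A-Za-z]+", b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            x, y = int(x), int(y)            # numeric runs compare as numbers
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1  # a numeric run beats a letter run
        if x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def outdated(installed):
    """Return installed packages older than the fixed build for their name."""
    hits = []
    for line in installed:
        parts = line.strip().rsplit("-", 2)  # name, version, release
        if len(parts) != 3 or parts[0] not in FIXED:
            continue
        name, ver, rel = parts
        fixed_ver, fixed_rel = FIXED[name].split("-")
        if (rpmvercmp(ver, fixed_ver) or rpmvercmp(rel, fixed_rel)) < 0:
            hits.append(line.strip())
    return hits

# Constructed sample, in the shape printed by
#   rpm -qa --qf '%{NAME}-%{VERSION}-%{RELEASE}\n'
SAMPLE = [
    "kernel-default-4.1.20-11.1",        # older version
    "kernel-default-devel-4.1.26-21.1",  # at the fixed build
    "kernel-docs-html-4.1.26-21.1",      # same version, older release
    "kernel-syms-4.1.27-24.1",           # newer
    "bash-4.2-75.2",                     # not covered by this check
]

if __name__ == "__main__":
    for pkg in outdated(SAMPLE):
        print("needs update:", pkg)
```

Like the plugin, which reads `Host/SuSE/rpm-list`, this looks only at installed packages; which kernel is actually booted is a separate check (`uname -r`).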

The latest version of this script can be found in these locations depending on your platform:

  • Linux / Unix:
    /opt/nessus/lib/nessus/plugins/openSUSE-2016-753.nasl
  • Windows:
    C:\ProgramData\Tenable\Nessus\nessus\plugins\openSUSE-2016-753.nasl
  • Mac OS X:
    /Library/Nessus/run/lib/nessus/plugins/openSUSE-2016-753.nasl


How to Run


Here is how to run the openSUSE Security Update : the Linux Kernel (openSUSE-2016-753) as a standalone plugin via the Nessus web user interface (https://localhost:8834/):

  1. Click to start a New Scan.
  2. Select Advanced Scan.
  3. Navigate to the Plugins tab.
  4. In the top right corner, click to Disable All plugins.
  5. In the left-hand table, select the SuSE Local Security Checks plugin family.
  6. In the right-hand table, select the openSUSE Security Update : the Linux Kernel (openSUSE-2016-753) plugin (ID 91736).
  7. Specify the target on the Settings tab and click to Save the scan.
  8. Run the scan.

Here are a few examples of how to run the plugin from the command line. Note that the examples below demonstrate usage on the Linux / Unix platform.

Basic usage:

/opt/nessus/bin/nasl openSUSE-2016-753.nasl -t <IP/HOST>

Run the plugin with audit trail messages printed to the console:

/opt/nessus/bin/nasl -a openSUSE-2016-753.nasl -t <IP/HOST>

Run the plugin with a script execution trace written to the console (useful for debugging):

/opt/nessus/bin/nasl -T - openSUSE-2016-753.nasl -t <IP/HOST>

Run the plugin using a state file for the target and updating it (useful for running multiple plugins on the target):

/opt/nessus/bin/nasl -K /tmp/state openSUSE-2016-753.nasl -t <IP/HOST>


References


See also: Similar and related Nessus plugins:
  • 91291 - Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2016-3565)
  • 91295 - OracleVM 3.3 : kernel-uek (OVMSA-2016-0053)
  • 91425 - Ubuntu 14.04 LTS : linux vulnerabilities (USN-2989-1)
  • 91559 - Ubuntu 12.04 LTS : linux vulnerabilities (USN-2996-1)
  • 91560 - Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2998-1)
  • 91561 - Ubuntu 14.04 LTS : linux vulnerability (USN-2999-1)
  • 91562 - Ubuntu 14.04 LTS : linux-lts-utopic vulnerabilities (USN-3000-1)
  • 91563 - Ubuntu 14.04 LTS : linux-lts-vivid vulnerabilities (USN-3001-1)
  • 91564 - Ubuntu 14.04 LTS : linux-lts-wily vulnerabilities (USN-3002-1)
  • 91565 - Ubuntu 15.10 : linux vulnerabilities (USN-3003-1)
  • 91566 - Ubuntu 15.10 : linux-raspi2 vulnerabilities (USN-3004-1)
  • 91567 - Ubuntu 14.04 LTS : linux-lts-xenial vulnerabilities (USN-3005-1)
  • 91568 - Ubuntu 16.04 LTS : linux vulnerabilities (USN-3006-1)
  • 91569 - Ubuntu 16.04 LTS : linux-raspi2 vulnerabilities (USN-3007-1)
  • 91570 - Ubuntu 16.04 LTS : linux-snapdragon vulnerability (USN-3008-1)
  • 91669 - SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2016:1596-1)
  • 91687 - Debian DLA-516-1 : linux security update
  • 91743 - OracleVM 3.2 : kernel-uek (OVMSA-2016-0060)
  • 91858 - Amazon Linux AMI : kernel (ALAS-2016-718)
  • 91873 - Ubuntu 16.04 LTS : linux vulnerabilities (USN-3016-1)
  • 91874 - Ubuntu 16.04 LTS : linux-raspi2 vulnerabilities (USN-3016-2)
  • 91875 - Ubuntu 16.04 LTS : linux-snapdragon vulnerabilities (USN-3016-3)
  • 91876 - Ubuntu 14.04 LTS : linux-lts-xenial vulnerabilities (USN-3016-4)
  • 91877 - Ubuntu 15.10 : linux vulnerabilities (USN-3017-1)
  • 91878 - Ubuntu 15.10 : linux-raspi2 vulnerabilities (USN-3017-2)
  • 91879 - Ubuntu 14.04 LTS : linux-lts-wily vulnerabilities (USN-3017-3)
  • 91880 - Ubuntu 14.04 LTS : linux vulnerabilities (USN-3018-1)
  • 91881 - Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-3018-2)
  • 91882 - Ubuntu 14.04 LTS : linux-lts-utopic vulnerabilities (USN-3019-1)
  • 91883 - Ubuntu 14.04 LTS : linux-lts-vivid vulnerabilities (USN-3020-1)
  • 91884 - Ubuntu 12.04 LTS : linux vulnerabilities (USN-3021-1)
  • 91886 - Debian DSA-3607-1 : linux - security update
  • 92007 - openSUSE Security Update : the Linux Kernel (openSUSE-2016-862)
  • 92055 - Fedora 23 : kernel (2016-06f1572324)

Version


This page has been produced using Nessus Professional 10.1.2 (#68) LINUX, Plugin set 202205072148.
Plugin file openSUSE-2016-753.nasl version 2.9. For more plugins, visit the Nessus Plugin Library.
