Detections
Analytics
SUSE SLES11 Security Update : kernel (SUSE-SU-2018:1821-1)
medium Nessus Plugin ID 110761
Language:
Synopsis
The remote SUSE host is missing one or more security updates.Description
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. This new feature was added :- Btrfs: Remove empty block groups in the background The following security bugs were fixed :
- CVE-2018-3665: Prevent disclosure of FPU registers (including XMM and AVX registers) between processes.
These registers might contain encryption keys when doing SSE accelerated AES enc/decryption (bsc#1087086)
The update package also includes non-security fixes. See advisory for details.
Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'.Alternatively you can run the command listed for your product :
SUSE Linux Enterprise Software Development Kit 11-SP4:zypper in -t patch sdksp4-kernel-source-13680=1
SUSE Linux Enterprise Server 11-SP4:zypper in -t patch slessp4-kernel-source-13680=1
SUSE Linux Enterprise Server 11-EXTRA:zypper in -t patch slexsp3-kernel-source-13680=1
SUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch dbgsp4-kernel-source-13680=1
See Also
https://bugzilla.suse.com/show_bug.cgi?id=1093194
https://bugzilla.suse.com/show_bug.cgi?id=1046610
https://bugzilla.suse.com/show_bug.cgi?id=1052351
https://bugzilla.suse.com/show_bug.cgi?id=1068054
https://bugzilla.suse.com/show_bug.cgi?id=1079152
https://bugzilla.suse.com/show_bug.cgi?id=1080837
https://bugzilla.suse.com/show_bug.cgi?id=1083347
https://bugzilla.suse.com/show_bug.cgi?id=1087086
https://bugzilla.suse.com/show_bug.cgi?id=1087088
https://bugzilla.suse.com/show_bug.cgi?id=1088997
https://bugzilla.suse.com/show_bug.cgi?id=1088998
https://bugzilla.suse.com/show_bug.cgi?id=1088999
https://bugzilla.suse.com/show_bug.cgi?id=1089000
https://bugzilla.suse.com/show_bug.cgi?id=1089001
https://bugzilla.suse.com/show_bug.cgi?id=1089002
https://bugzilla.suse.com/show_bug.cgi?id=1089003
https://bugzilla.suse.com/show_bug.cgi?id=1089004
https://bugzilla.suse.com/show_bug.cgi?id=1089005
https://bugzilla.suse.com/show_bug.cgi?id=1089006
https://bugzilla.suse.com/show_bug.cgi?id=1089007
https://bugzilla.suse.com/show_bug.cgi?id=1089008
https://bugzilla.suse.com/show_bug.cgi?id=1089010
https://bugzilla.suse.com/show_bug.cgi?id=1089011
https://bugzilla.suse.com/show_bug.cgi?id=1089012
https://bugzilla.suse.com/show_bug.cgi?id=1089013
https://bugzilla.suse.com/show_bug.cgi?id=1089016
https://bugzilla.suse.com/show_bug.cgi?id=1089192
https://bugzilla.suse.com/show_bug.cgi?id=1089199
https://bugzilla.suse.com/show_bug.cgi?id=1089200
https://bugzilla.suse.com/show_bug.cgi?id=1089201
https://bugzilla.suse.com/show_bug.cgi?id=1089202
https://bugzilla.suse.com/show_bug.cgi?id=1089203
https://bugzilla.suse.com/show_bug.cgi?id=1089204
https://bugzilla.suse.com/show_bug.cgi?id=1089205
https://bugzilla.suse.com/show_bug.cgi?id=1089206
https://bugzilla.suse.com/show_bug.cgi?id=1089207
https://bugzilla.suse.com/show_bug.cgi?id=1089208
https://bugzilla.suse.com/show_bug.cgi?id=1089209
https://bugzilla.suse.com/show_bug.cgi?id=1089210
https://bugzilla.suse.com/show_bug.cgi?id=1089211
https://bugzilla.suse.com/show_bug.cgi?id=1089212
https://bugzilla.suse.com/show_bug.cgi?id=1089213
https://bugzilla.suse.com/show_bug.cgi?id=1089214
https://bugzilla.suse.com/show_bug.cgi?id=1089215
https://bugzilla.suse.com/show_bug.cgi?id=1089216
https://bugzilla.suse.com/show_bug.cgi?id=1089217
https://bugzilla.suse.com/show_bug.cgi?id=1089218
https://bugzilla.suse.com/show_bug.cgi?id=1089219
https://bugzilla.suse.com/show_bug.cgi?id=1089220
https://bugzilla.suse.com/show_bug.cgi?id=1089221
https://bugzilla.suse.com/show_bug.cgi?id=1089222
https://bugzilla.suse.com/show_bug.cgi?id=1089223
https://bugzilla.suse.com/show_bug.cgi?id=1089224
https://bugzilla.suse.com/show_bug.cgi?id=1089225
https://bugzilla.suse.com/show_bug.cgi?id=1089226
https://bugzilla.suse.com/show_bug.cgi?id=1089227
https://bugzilla.suse.com/show_bug.cgi?id=1089228
https://bugzilla.suse.com/show_bug.cgi?id=1089229
https://bugzilla.suse.com/show_bug.cgi?id=1089230
https://bugzilla.suse.com/show_bug.cgi?id=1089231
https://bugzilla.suse.com/show_bug.cgi?id=1089232
https://bugzilla.suse.com/show_bug.cgi?id=1089233
https://bugzilla.suse.com/show_bug.cgi?id=1089234
https://bugzilla.suse.com/show_bug.cgi?id=1089235
https://bugzilla.suse.com/show_bug.cgi?id=1089236
https://bugzilla.suse.com/show_bug.cgi?id=1089237
https://bugzilla.suse.com/show_bug.cgi?id=1089238
https://bugzilla.suse.com/show_bug.cgi?id=1089239
https://bugzilla.suse.com/show_bug.cgi?id=1089240
https://bugzilla.suse.com/show_bug.cgi?id=1089241
https://bugzilla.suse.com/show_bug.cgi?id=1094436
https://bugzilla.suse.com/show_bug.cgi?id=1094437
https://bugzilla.suse.com/show_bug.cgi?id=1095241
https://bugzilla.suse.com/show_bug.cgi?id=1096140
https://bugzilla.suse.com/show_bug.cgi?id=1096242
https://bugzilla.suse.com/show_bug.cgi?id=1096281
https://bugzilla.suse.com/show_bug.cgi?id=1096746
https://bugzilla.suse.com/show_bug.cgi?id=1097443
https://bugzilla.suse.com/show_bug.cgi?id=1097445
https://bugzilla.suse.com/show_bug.cgi?id=1097948
https://bugzilla.suse.com/show_bug.cgi?id=973378
https://bugzilla.suse.com/show_bug.cgi?id=989401
https://www.suse.com/security/cve/CVE-2018-3665/
http://www.nessus.org/u?7573f7b3
https://bugzilla.suse.com/show_bug.cgi?id=1093195
https://bugzilla.suse.com/show_bug.cgi?id=1093196
https://bugzilla.suse.com/show_bug.cgi?id=1093197
https://bugzilla.suse.com/show_bug.cgi?id=1093198
https://bugzilla.suse.com/show_bug.cgi?id=1094244
https://bugzilla.suse.com/show_bug.cgi?id=1094421
https://bugzilla.suse.com/show_bug.cgi?id=1094422
https://bugzilla.suse.com/show_bug.cgi?id=1094423
Plugin Details
Severity: Medium
ID: 110761
File Name: suse_SU-2018-1821-1.nasl
Version: 1.8
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 6/28/2018
Updated: 9/12/2024
Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.2
CVSS v2
Risk Factor: Medium
Base Score: 4.7
Temporal Score: 3.5
Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:N/A:N
CVSS Score Source: CVE-2018-3665
CVSS v3
Risk Factor: Medium
Base Score: 5.6
Temporal Score: 4.9
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: p-cpe:/a:novell:suse_linux:kernel-pae, p-cpe:/a:novell:suse_linux:kernel-ec2, p-cpe:/a:novell:suse_linux:kernel-xen-devel, p-cpe:/a:novell:suse_linux:kernel-xen-base, p-cpe:/a:novell:suse_linux:kernel-pae-base, p-cpe:/a:novell:suse_linux:kernel-default-man, p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kernel-trace-base, cpe:/o:novell:suse_linux:11, p-cpe:/a:novell:suse_linux:kernel-ec2-base, p-cpe:/a:novell:suse_linux:kernel-ec2-devel, p-cpe:/a:novell:suse_linux:kernel-default-devel, p-cpe:/a:novell:suse_linux:kernel-trace, p-cpe:/a:novell:suse_linux:kernel-syms, p-cpe:/a:novell:suse_linux:kernel-xen, p-cpe:/a:novell:suse_linux:kernel-trace-devel, p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:kernel-source, p-cpe:/a:novell:suse_linux:kernel-pae-devel
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Exploit Ease: No known exploits are available
Patch Publication Date: 6/27/2018
Vulnerability Publication Date: 6/21/2018
Reference Information
CVE: CVE-2018-3665