Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.CENTOS8_RHSA-2019-3575.NASL
HistoryJan 29, 2021 - 12:00 a.m.

CentOS 8 : elfutils (CESA-2019:3575)

2021-01-2900:00:00
This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
17

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

7 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.4%

JSON

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:3575 advisory.

  • elfutils: buffer over-read in the ebl_object_note function in eblobjnote.c in libebl (CVE-2019-7146)

  • elfutils: heap-based buffer over-read in read_srclines in dwarf_getsrclines.c in libdw (CVE-2019-7149)

  • elfutils: segmentation fault in elf64_xlatetom in libelf/elf32_xlatetom.c (CVE-2019-7150)

  • elfutils: out of bound write in elf_cvt_note in libelf/note_xlate.h (CVE-2019-7664)

  • elfutils: heap-based buffer over-read in function elf32_xlatetom in elf32_xlatetom.c (CVE-2019-7665)

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

##
# (C) Tenable Network Security, Inc.
#
# The package checks in this plugin were extracted from
# Red Hat Security Advisory RHSA-2019:3575. The text
# itself is copyright (C) Red Hat, Inc.
##

include('compat.inc');

if (description)
{
  script_id(145645);
  script_version("1.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/01/25");

  script_cve_id(
    "CVE-2019-7146",
    "CVE-2019-7149",
    "CVE-2019-7150",
    "CVE-2019-7664",
    "CVE-2019-7665"
  );
  script_bugtraq_id(
    107134,
    108523,
    108806,
    108862
  );
  script_xref(name:"RHSA", value:"2019:3575");

  script_name(english:"CentOS 8 : elfutils (CESA-2019:3575)");

  script_set_attribute(attribute:"synopsis", value:
"The remote CentOS host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the
CESA-2019:3575 advisory.

  - elfutils: buffer over-read in the ebl_object_note function in eblobjnote.c in libebl (CVE-2019-7146)

  - elfutils: heap-based buffer over-read in read_srclines in dwarf_getsrclines.c in libdw (CVE-2019-7149)

  - elfutils: segmentation fault in elf64_xlatetom in libelf/elf32_xlatetom.c (CVE-2019-7150)

  - elfutils: out of bound write in elf_cvt_note in libelf/note_xlate.h (CVE-2019-7664)

  - elfutils: heap-based buffer over-read in function elf32_xlatetom in elf32_xlatetom.c (CVE-2019-7665)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2019:3575");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-7665");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2019-7149");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/01/20");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/11/05");
  script_set_attribute(attribute:"plugin_publication_date", value:"2021/01/29");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:8");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:elfutils");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:elfutils-default-yama-scope");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:elfutils-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:elfutils-devel-static");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:elfutils-libelf");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:elfutils-libelf-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:elfutils-libelf-devel-static");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:elfutils-libs");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"CentOS Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list", "Host/cpu");

  exit(0);
}


include('audit.inc');
include('global_settings.inc');
include('misc_func.inc');
include('rpm.inc');
include('rhel.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item('Host/CentOS/release');
if (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');
os_ver = pregmatch(pattern: "CentOS(?: Stream)?(?: Linux)? release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');
os_ver = os_ver[1];
if ('CentOS Stream' >< release) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS Stream ' + os_ver);
if (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);

if (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);

pkgs = [
    {'reference':'elfutils-0.176-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'elfutils-0.176-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'elfutils-default-yama-scope-0.176-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'elfutils-default-yama-scope-0.176-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'elfutils-devel-0.176-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'elfutils-devel-0.176-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'elfutils-devel-static-0.176-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'elfutils-devel-static-0.176-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'elfutils-libelf-0.176-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'elfutils-libelf-0.176-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'elfutils-libelf-devel-0.176-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'elfutils-libelf-devel-0.176-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'elfutils-libelf-devel-static-0.176-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'elfutils-libelf-devel-static-0.176-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'elfutils-libs-0.176-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'elfutils-libs-0.176-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}
];

flag = 0;
foreach package_array ( pkgs ) {
  reference = NULL;
  release = NULL;
  sp = NULL;
  cpu = NULL;
  el_string = NULL;
  rpm_spec_vers_cmp = NULL;
  epoch = NULL;
  allowmaj = NULL;
  if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
  if (!empty_or_null(package_array['release'])) release = 'CentOS-' + package_array['release'];
  if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
  if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];
  if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
  if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
  if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
  if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
  if (reference && release) {
    if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
  }
}

if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'elfutils / elfutils-default-yama-scope / elfutils-devel / etc');
}
VendorProductVersionCPE
centoscentos8cpe:/o:centos:centos:8
centoscentoselfutilsp-cpe:/a:centos:centos:elfutils
centoscentoselfutils-default-yama-scopep-cpe:/a:centos:centos:elfutils-default-yama-scope
centoscentoselfutils-develp-cpe:/a:centos:centos:elfutils-devel
centoscentoselfutils-devel-staticp-cpe:/a:centos:centos:elfutils-devel-static
centoscentoselfutils-libelfp-cpe:/a:centos:centos:elfutils-libelf
centoscentoselfutils-libelf-develp-cpe:/a:centos:centos:elfutils-libelf-devel
centoscentoselfutils-libelf-devel-staticp-cpe:/a:centos:centos:elfutils-libelf-devel-static
centoscentoselfutils-libsp-cpe:/a:centos:centos:elfutils-libs

Related

nessus 33
redhat 3
oraclelinux 2
archlinux 1
openvas 18
fedora 1
f5 1
amazon 1
centos 1
ubuntu 2
cloudfoundry 1
cve 5
cvelist 5
veracode 5
osv 8
nvd 5
prion 5
debiancve 5
redhatcve 5
ubuntucve 5
alpinelinux 5
suse 3
mageia 1
debian 2
photon 6
nessus
nessus
RHEL 8 : elfutils (RHSA-2019:3575)
2019-11-06 00:00:00
Oracle Linux 8 : elfutils (ELSA-2019-3575)
2023-09-07 00:00:00
Fedora 29 : elfutils (2019-44a9d99647)
2019-02-19 00:00:00
redhat
redhat
(RHSA-2019:3575) Low: elfutils security, bug fix, and enhancement update
2019-11-05 18:02:56
(RHSA-2019:2197) Low: elfutils security, bug fix, and enhancement update
2019-08-06 08:12:18
(RHSA-2020:4298) Moderate: OpenShift Container Platform 4.6.1 image security update
2020-10-27 14:57:54
oraclelinux
oraclelinux
elfutils security, bug fix, and enhancement update
2019-11-14 00:00:00
elfutils security, bug fix, and enhancement update
2019-08-13 00:00:00
archlinux
archlinux
[ASA-201903-9] libelf: denial of service
2019-03-18 00:00:00
openvas
openvas
Fedora Update for elfutils FEDORA-2019-44a9d99647
2019-05-07 00:00:00
Huawei EulerOS: Security Advisory for elfutils (EulerOS-SA-2019-2141)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for elfutils (EulerOS-SA-2020-1448)
2020-04-16 00:00:00
fedora
fedora
[SECURITY] Fedora 29 Update: elfutils-0.176-1.fc29
2019-02-18 02:05:55
f5
f5
K21426934 : Multiple elfutils vulnerabilities
2022-04-25 00:00:00
amazon
amazon
Low: elfutils
2019-10-21 18:01:00
centos
centos
elfutils security update
2019-08-30 02:43:56
ubuntu
ubuntu
elfutils vulnerabilities
2019-06-10 00:00:00
elfutils vulnerabilities
2023-08-30 00:00:00
cloudfoundry
cloudfoundry
USN-4012-1: elfutils vulnerabilities | Cloud Foundry
2019-06-18 00:00:00
cve
cve
CVE-2019-7664
2019-02-09 16:29:00
CVE-2019-7149
2019-01-29 00:29:00
CVE-2019-7665
2019-02-09 16:29:00
cvelist
cvelist
CVE-2019-7664
2019-02-09 16:00:00
CVE-2019-7150
2019-01-29 00:00:00
CVE-2019-7146
2019-01-29 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-08-08 00:07:56
Buffer Over-Read
2019-08-08 00:07:56
Denial Of Service (DoS)
2019-11-06 00:21:00
osv
osv
CVE-2019-7664
2019-02-09 16:29:00
CVE-2019-7149
2019-01-29 00:29:00
CVE-2019-7146
2019-01-29 00:29:00
nvd
nvd
CVE-2019-7664
2019-02-09 16:29:00
CVE-2019-7149
2019-01-29 00:29:00
CVE-2019-7665
2019-02-09 16:29:00
prion
prion
Buffer overflow
2019-02-09 16:29:00
Heap overflow
2019-01-29 00:29:00
Design/Logic Flaw
2019-01-29 00:29:00
debiancve
debiancve
CVE-2019-7664
2019-02-09 16:29:00
CVE-2019-7149
2019-01-29 00:29:00
CVE-2019-7665
2019-02-09 16:29:00
redhatcve
redhatcve
CVE-2019-7664
2019-10-12 02:22:30
CVE-2019-7665
2019-02-15 08:20:29
CVE-2019-7146
2019-01-31 15:51:19
ubuntucve
ubuntucve
CVE-2019-7664
2019-02-09 00:00:00
CVE-2019-7150
2019-01-28 00:00:00
CVE-2019-7665
2019-02-09 00:00:00
alpinelinux
alpinelinux
CVE-2019-7664
2019-02-09 16:29:00
CVE-2019-7149
2019-01-29 00:29:00
CVE-2019-7146
2019-01-29 00:29:00
suse
suse
Security update for dwarves and elfutils (moderate)
2022-09-01 00:00:00
Security update for dwarves and elfutils (moderate)
2022-08-01 00:00:00
Security update for elfutils (moderate)
2019-06-20 00:00:00
mageia
mageia
Updated elfutils packages fix security vulnerabilities
2019-08-18 15:39:41
debian
debian
[SECURITY] [DLA 1689-1] elfutils security update
2019-02-25 21:35:38
[SECURITY] [DLA 2802-1] elfutils security update
2021-10-30 21:53:24
photon
photon
Moderate Photon OS Security Update - PHSA-2019-0164
2019-06-17 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-2.0-0164
2019-06-17 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-1.0-0239
2019-06-17 00:00:00

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

7 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.4%

JSON
Related for CENTOS8_RHSA-2019-3575.NASL
nessus33redhat3oraclelinux2archlinux1openvas18fedora1f51amazon1centos1ubuntu2cloudfoundry1cve5cvelist5veracode5osv8nvd5prion5debiancve5redhatcve5ubuntucve5alpinelinux5suse3mageia1debian2photon6