This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.OPENSUSE-2021-618.NASLopenSUSE Security Update : nim (openSUSE-2021-618)
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.6 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
55.9%
This update for nim fixes the following issues :
num was updated to version 1.2.12 :
-
Fixed GC crash resulting from inlining of the memory allocation procs
-
Fixed “incorrect raises effect for $(NimNode)” (#17454)
From version 1.2.10 :
-
Fixed “JS backend doesn’t handle float->int type conversion “ (#8404)
-
Fixed “The “try except” not work when the “OSError: Too many open files” error occurs!” (#15925)
-
Fixed “Nim emits #line 0 C preprocessor directives with –debugger:native, with ICE in gcc-10”
(#15942) -
Fixed “tfuturevar fails when activated”
(#9695) -
Fixed “nre.escapeRe is not gcsafe” (#16103)
-
Fixed ““Error: internal error:
genRecordFieldAux” - in the “version-1-4” branch” (#16069) -
Fixed “-d:fulldebug switch does not compile with gc:arc” (#16214)
-
Fixed “osLastError may randomly raise defect and crash” (#16359)
-
Fixed “generic importc proc’s don’t work (breaking lots of vmops procs for js)”
(#16428) -
Fixed “Concept: codegen ignores parameter passing” (#16897)
-
Fixed “(.push exportc.) interacts with anonymous functions” (#16967)
-
Fixed “memory allocation during (.global.) init breaks GC” (#17085)
-
Fixed ‘Nimble arbitrary code execution for specially crafted package metadata’
-
https://github.com/nim-lang/security/security/advisories /GHSA-rg9f-w24h-962p -
(boo#1185083, CVE-2021-21372)
- Fixed ‘Nimble falls back to insecure http url when fetching packages’
-
https://github.com/nim-lang/security/security/advisories /GHSA-8w52-r35x-rgp8 -
(boo#1185084, CVE-2021-21373)
- Fixed ‘Nimble fails to validate certificates due to insecure httpClient defaults’
-
https://github.com/nim-lang/security/security/advisories /GHSA-c2wm-v66h-xhxx -
(boo#1185085, CVE-2021-21374)
from version 1.2.8
-
Fixed “Defer and –gc:arc” (#15071)
-
Fixed “Issue with –gc:arc at compile time” (#15129)
-
Fixed “Nil check on each field fails in generic function” (#15101)
-
Fixed “[strscans] scanf doesn’t match a single character with $+ if it’s the end of the string” (#15064)
-
Fixed “Crash and incorrect return values when using readPasswordFromStdin on Windows.” (#15207)
-
Fixed “Inconsistent unsigned -> signed RangeDefect usage across integer sizes” (#15210)
-
Fixed “toHex results in RangeDefect exception when used with large uint64” (#15257)
-
Fixed “Mixing ‘return’ with expressions is allowed in 1.2” (#15280)
-
Fixed “proc execCmdEx doesn’t work with
-d:useWinAnsi” (#14203) -
Fixed “memory corruption in tmarshall.nim”
(#9754) -
Fixed “Wrong number of variables” (#15360)
-
Fixed “defer doesnt work with block, break and await” (#15243)
-
Fixed “Sizeof of case object is incorrect.
Showstopper” (#15516) -
Fixed “Mixing ‘return’ with expressions is allowed in 1.2” (#15280)
-
Fixed “regression(1.0.2 => 1.0.4) VM register messed up depending on unrelated context” (#15704)
from version 1.2.6
-
Fixed “The pegs module doesn’t work with generics!” (#14718)
-
Fixed “[goto exceptions] (.noReturn.) pragma is not detected in a case expression” (#14458)
-
Fixed “[exceptions:goto] C compiler error with dynlib pragma calling a proc” (#14240)
-
Fixed “Nim source archive install:
‘install.sh’ fails with error: cp: cannot stat ‘bin/nim-gdb’: No such file or directory” (#14748) -
Fixed “Stropped identifiers don’t work as field names in tuple literals” (#14911)
-
Fixed “uri.decodeUrl crashes on incorrectly formatted input” (#14082)
-
Fixed “odbcsql module has some wrong integer types” (#9771)
-
Fixed “[ARC] Compiler crash declaring a finalizer proc directly in ‘new’” (#15044)
-
Fixed “code with named arguments in proc of winim/com can not been compiled” (#15056)
-
Fixed “javascript backend produces JavaScript code with syntax error in object syntax” (#14534)
-
Fixed “[ARC] SIGSEGV when calling a closure as a tuple field in a seq” (#15038)
-
Fixed “Compiler crashes when using string as object variant selector with else branch” (#14189)
-
Fixed “Constructing a uint64 range on a 32-bit machine leads to incorrect codegen” (#14616)
Update to version 1.2.2 :
- See https://nim-lang.org/blog.html for details
Update to version 1.0.2 :
- See https://nim-lang.org/blog.html for details
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2021-618.
#
# The text description of this plugin is (C) SUSE LLC.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(149589);
script_version("1.4");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/01/01");
script_cve_id("CVE-2021-21372", "CVE-2021-21373", "CVE-2021-21374");
script_name(english:"openSUSE Security Update : nim (openSUSE-2021-618)");
script_set_attribute(attribute:"synopsis", value:
"The remote openSUSE host is missing a security update.");
script_set_attribute(attribute:"description", value:
"This update for nim fixes the following issues :
num was updated to version 1.2.12 :
- Fixed GC crash resulting from inlining of the memory
allocation procs
- Fixed “incorrect raises effect for
$(NimNode)” (#17454)
From version 1.2.10 :
- Fixed “JS backend doesn’t handle float->int
type conversion “ (#8404)
- Fixed “The “try except” not work when
the “OSError: Too many open files” error
occurs!” (#15925)
- Fixed “Nim emits #line 0 C preprocessor directives
with –debugger:native, with ICE in gcc-10”
(#15942)
- Fixed “tfuturevar fails when activated”
(#9695)
- Fixed “nre.escapeRe is not gcsafe” (#16103)
- Fixed ““Error: internal error:
genRecordFieldAux” - in the
“version-1-4” branch” (#16069)
- Fixed “-d:fulldebug switch does not compile with
gc:arc” (#16214)
- Fixed “osLastError may randomly raise defect and
crash” (#16359)
- Fixed “generic importc proc’s don’t
work (breaking lots of vmops procs for js)”
(#16428)
- Fixed “Concept: codegen ignores parameter
passing” (#16897)
- Fixed “(.push exportc.) interacts with anonymous
functions” (#16967)
- Fixed “memory allocation during (.global.) init
breaks GC” (#17085)
- Fixed 'Nimble arbitrary code execution for specially
crafted package metadata'
+
https://github.com/nim-lang/security/security/advisories
/GHSA-rg9f-w24h-962p
+ (boo#1185083, CVE-2021-21372)
- Fixed 'Nimble falls back to insecure http url when
fetching packages'
+
https://github.com/nim-lang/security/security/advisories
/GHSA-8w52-r35x-rgp8
+ (boo#1185084, CVE-2021-21373)
- Fixed 'Nimble fails to validate certificates due to
insecure httpClient defaults'
+
https://github.com/nim-lang/security/security/advisories
/GHSA-c2wm-v66h-xhxx
+ (boo#1185085, CVE-2021-21374)
from version 1.2.8
- Fixed “Defer and –gc:arc” (#15071)
- Fixed “Issue with –gc:arc at compile
time” (#15129)
- Fixed “Nil check on each field fails in generic
function” (#15101)
- Fixed “[strscans] scanf doesn’t match a
single character with $+ if it’s the end of the
string” (#15064)
- Fixed “Crash and incorrect return values when
using readPasswordFromStdin on Windows.” (#15207)
- Fixed “Inconsistent unsigned -> signed RangeDefect
usage across integer sizes” (#15210)
- Fixed “toHex results in RangeDefect exception when
used with large uint64” (#15257)
- Fixed “Mixing ‘return’ with
expressions is allowed in 1.2” (#15280)
- Fixed “proc execCmdEx doesn’t work with
-d:useWinAnsi” (#14203)
- Fixed “memory corruption in tmarshall.nim”
(#9754)
- Fixed “Wrong number of variables” (#15360)
- Fixed “defer doesnt work with block, break and
await” (#15243)
- Fixed “Sizeof of case object is incorrect.
Showstopper” (#15516)
- Fixed “Mixing ‘return’ with
expressions is allowed in 1.2” (#15280)
- Fixed “regression(1.0.2 => 1.0.4) VM register
messed up depending on unrelated context” (#15704)
from version 1.2.6
- Fixed “The pegs module doesn’t work with
generics!” (#14718)
- Fixed “[goto exceptions] (.noReturn.) pragma is
not detected in a case expression” (#14458)
- Fixed “[exceptions:goto] C compiler error with
dynlib pragma calling a proc” (#14240)
- Fixed “Nim source archive install:
‘install.sh’ fails with error: cp: cannot
stat ‘bin/nim-gdb’: No such file or
directory” (#14748)
- Fixed “Stropped identifiers don’t work as
field names in tuple literals” (#14911)
- Fixed “uri.decodeUrl crashes on incorrectly
formatted input” (#14082)
- Fixed “odbcsql module has some wrong integer
types” (#9771)
- Fixed “[ARC] Compiler crash declaring a finalizer
proc directly in ‘new’” (#15044)
- Fixed “code with named arguments in proc of
winim/com can not been compiled” (#15056)
- Fixed “javascript backend produces JavaScript code
with syntax error in object syntax” (#14534)
- Fixed “[ARC] SIGSEGV when calling a closure as a
tuple field in a seq” (#15038)
- Fixed “Compiler crashes when using string as
object variant selector with else branch” (#14189)
- Fixed “Constructing a uint64 range on a 32-bit
machine leads to incorrect codegen” (#14616)
Update to version 1.2.2 :
- See https://nim-lang.org/blog.html for details
Update to version 1.0.2 :
- See https://nim-lang.org/blog.html for details");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1185083");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1185084");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1185085");
# https://github.com/nim-lang/security/security/advisories/GHSA-8w52-r35x-rgp8
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?c8e0330b");
# https://github.com/nim-lang/security/security/advisories/GHSA-c2wm-v66h-xhxx
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?0791b363");
# https://github.com/nim-lang/security/security/advisories/GHSA-rg9f-w24h-962p
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?8d0b1bba");
script_set_attribute(attribute:"see_also", value:"https://nim-lang.org/blog.html");
script_set_attribute(attribute:"solution", value:
"Update the affected nim packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-21374");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2021-21372");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2021/03/26");
script_set_attribute(attribute:"patch_publication_date", value:"2021/04/25");
script_set_attribute(attribute:"plugin_publication_date", value:"2021/05/18");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:nim");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:nim-debuginfo");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.2");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"SuSE Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE15\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.2", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(x86_64)$") audit(AUDIT_ARCH_NOT, "x86_64", ourarch);
flag = 0;
if ( rpm_check(release:"SUSE15.2", reference:"nim-1.2.12-lp152.2.3.1") ) flag++;
if ( rpm_check(release:"SUSE15.2", reference:"nim-debuginfo-1.2.12-lp152.2.3.1") ) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "nim / nim-debuginfo");
}
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21372
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21373
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21374
www.nessus.org/u?0791b363
www.nessus.org/u?8d0b1bba
www.nessus.org/u?c8e0330b
bugzilla.opensuse.org/show_bug.cgi?id=1185083
bugzilla.opensuse.org/show_bug.cgi?id=1185084
bugzilla.opensuse.org/show_bug.cgi?id=1185085
nim-lang.org/blog.html
Related
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.6 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
55.9%