Lucene search
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.ORACLELINUX_ELSA-2024-6567.NASLHistorySep 12, 2024 - 12:00 a.m.
Oracle Linux 9 : kernel (ELSA-2024-6567)
2024-09-1200:00:00
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
6
oracle linux 9
kernel
elsa-2024-6567
usb-storage
mm
net
nvme
xhci
bluetooth
xdp
nfsd
efivarfs
ppp
x86
pci/msi
iommufd
regmap
kprobes/x86
kprobes
kvm
cxl/region
x86/coco
vulnerabilities
remote code execution
denial of service
CVSS3
9.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
AI Score
8.6
Confidence
Low
EPSS
0.001
Percentile
17.8%
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-6567 advisory.
- usb-storage: alauda: Check whether the media is initialized (CKI Backport Bot) [RHEL-43716] {CVE-2024-38619}
- mm: avoid overflows in dirty throttling logic (Jay Shin) [RHEL-51848 RHEL-50004] {CVE-2024-42131}
- Revert 'mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again' (Jay Shin) [RHEL-51701 RHEL-50004] {CVE-2024-42102}
- mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again (Jay Shin) [RHEL-42628 RHEL-5619] {CVE-2024-26720}
- net: fix out-of-bounds access in ops_init (Paolo Abeni) [RHEL-43188 RHEL-46610] {CVE-2024-36883}
- nvme: avoid double free special payload (CKI Backport Bot) [RHEL-51311] {CVE-2024-41073}
- xhci: Handle TD clearing for multiple streams case (CKI Backport Bot) [RHEL-47894 RHEL-47892] {CVE-2024-40927}
- Bluetooth: af_bluetooth: Fix deadlock (Bastien Nocera) [RHEL-34161] {CVE-2024-26886}
- xdp: Remove WARN() from __xdp_reg_mem_model() (CKI Backport Bot) [RHEL-51586] {CVE-2024-42082}
- nfsd: fix RELEASE_LOCKOWNER (Benjamin Coddington) [RHEL-42578 RHEL-34875] {CVE-2024-26629}
- net: bridge: mst: fix vlan use-after-free (cki-backport-bot) [RHEL-43729] {CVE-2024-36979}
- efivarfs: force RO when remounting if SetVariable is not supported (Pavel Reichl) [RHEL-42343 RHEL-26588] {CVE-2023-52463}
- mm: prevent derefencing NULL ptr in pfn_section_valid() (Jarod Wilson) [RHEL-51140 RHEL-51138] {CVE-2024-41055}
- mm, kmsan: fix infinite recursion due to RCU critical section (Jarod Wilson) [RHEL-51140 RHEL-51138] {CVE-2024-41055}
- ppp: reject claimed-as-LCP but actually malformed packets (CKI Backport Bot) [RHEL-51061 RHEL-51059] {CVE-2024-41044}
- x86: stop playing stack games in profile_pc() (CKI Backport Bot) [RHEL-51651] {CVE-2024-42096}
- PCI/MSI: Fix UAF in msi_capability_init (CKI Backport Bot) [RHEL-51438] {CVE-2024-41096}
- iommufd: Fix missing update of domains_itree after splitting iopt_area (Jerry Snitselaar) [RHEL-42518 RHEL-28780] {CVE-2023-52801}
- mm: cachestat: fix folio read-after-free in cache walk (Nico Pache) [RHEL-41739 RHEL-5619] {CVE-2024-26630}
- regmap: maple: Fix cache corruption in regcache_maple_drop() (Jaroslav Kysela) [RHEL-43179 RHEL-39706] {CVE-2024-36019}
- mm: cachestat: fix two shmem bugs (Nico Pache) [RHEL-36912] {CVE-2024-35797}
- kprobes/x86: Use copy_from_kernel_nofault() to read from unsafe address (Steve Best) [RHEL-42778 RHEL-34985] {CVE-2024-26946}
- mm/hugetlb: fix missing hugetlb_lock for resv uncharge (Rafael Aquini) [RHEL-43132 RHEL-37467] {CVE-2024-36000}
- net/sched: Fix UAF when resolving a clash (CKI Backport Bot) [RHEL-51022 RHEL-51020] {CVE-2024-41040}
- KVM: SVM: Flush pages under kvm->lock to fix UAF in svm_register_enc_region() (Maxim Levitsky) [RHEL-41462 RHEL-32430] {CVE-2024-35791}
- cxl/region: Fix memregion leaks in devm_cxl_add_region() (John W. Linville) [RHEL-47965 RHEL-23582] {CVE-2024-40936}
- x86/coco: Require seeding RNG with RDRAND on CoCo systems (Lenny Szubowicz) [RHEL-42986 RHEL-37269] {CVE-2024-35875}
Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Oracle Linux Security Advisory ELSA-2024-6567.
##
include('compat.inc');
if (description)
{
script_id(207064);
script_version("1.1");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/09/12");
script_cve_id(
"CVE-2023-52463",
"CVE-2023-52801",
"CVE-2024-26629",
"CVE-2024-26630",
"CVE-2024-26720",
"CVE-2024-26886",
"CVE-2024-26946",
"CVE-2024-35791",
"CVE-2024-35797",
"CVE-2024-35875",
"CVE-2024-36000",
"CVE-2024-36019",
"CVE-2024-36883",
"CVE-2024-36979",
"CVE-2024-38559",
"CVE-2024-38619",
"CVE-2024-40927",
"CVE-2024-40936",
"CVE-2024-41040",
"CVE-2024-41044",
"CVE-2024-41055",
"CVE-2024-41073",
"CVE-2024-41096",
"CVE-2024-42082",
"CVE-2024-42096",
"CVE-2024-42102",
"CVE-2024-42131"
);
script_xref(name:"IAVA", value:"2024-A-0487");
script_name(english:"Oracle Linux 9 : kernel (ELSA-2024-6567)");
script_set_attribute(attribute:"synopsis", value:
"The remote Oracle Linux host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the
ELSA-2024-6567 advisory.
- usb-storage: alauda: Check whether the media is initialized (CKI Backport Bot) [RHEL-43716]
{CVE-2024-38619}
- mm: avoid overflows in dirty throttling logic (Jay Shin) [RHEL-51848 RHEL-50004] {CVE-2024-42131}
- Revert 'mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again' (Jay Shin) [RHEL-51701
RHEL-50004] {CVE-2024-42102}
- mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again (Jay Shin) [RHEL-42628 RHEL-5619]
{CVE-2024-26720}
- net: fix out-of-bounds access in ops_init (Paolo Abeni) [RHEL-43188 RHEL-46610] {CVE-2024-36883}
- nvme: avoid double free special payload (CKI Backport Bot) [RHEL-51311] {CVE-2024-41073}
- xhci: Handle TD clearing for multiple streams case (CKI Backport Bot) [RHEL-47894 RHEL-47892]
{CVE-2024-40927}
- Bluetooth: af_bluetooth: Fix deadlock (Bastien Nocera) [RHEL-34161] {CVE-2024-26886}
- xdp: Remove WARN() from __xdp_reg_mem_model() (CKI Backport Bot) [RHEL-51586] {CVE-2024-42082}
- nfsd: fix RELEASE_LOCKOWNER (Benjamin Coddington) [RHEL-42578 RHEL-34875] {CVE-2024-26629}
- net: bridge: mst: fix vlan use-after-free (cki-backport-bot) [RHEL-43729] {CVE-2024-36979}
- efivarfs: force RO when remounting if SetVariable is not supported (Pavel Reichl) [RHEL-42343
RHEL-26588] {CVE-2023-52463}
- mm: prevent derefencing NULL ptr in pfn_section_valid() (Jarod Wilson) [RHEL-51140 RHEL-51138]
{CVE-2024-41055}
- mm, kmsan: fix infinite recursion due to RCU critical section (Jarod Wilson) [RHEL-51140 RHEL-51138]
{CVE-2024-41055}
- ppp: reject claimed-as-LCP but actually malformed packets (CKI Backport Bot) [RHEL-51061 RHEL-51059]
{CVE-2024-41044}
- x86: stop playing stack games in profile_pc() (CKI Backport Bot) [RHEL-51651] {CVE-2024-42096}
- PCI/MSI: Fix UAF in msi_capability_init (CKI Backport Bot) [RHEL-51438] {CVE-2024-41096}
- iommufd: Fix missing update of domains_itree after splitting iopt_area (Jerry Snitselaar) [RHEL-42518
RHEL-28780] {CVE-2023-52801}
- mm: cachestat: fix folio read-after-free in cache walk (Nico Pache) [RHEL-41739 RHEL-5619]
{CVE-2024-26630}
- regmap: maple: Fix cache corruption in regcache_maple_drop() (Jaroslav Kysela) [RHEL-43179 RHEL-39706]
{CVE-2024-36019}
- mm: cachestat: fix two shmem bugs (Nico Pache) [RHEL-36912] {CVE-2024-35797}
- kprobes/x86: Use copy_from_kernel_nofault() to read from unsafe address (Steve Best) [RHEL-42778
RHEL-34985] {CVE-2024-26946}
- mm/hugetlb: fix missing hugetlb_lock for resv uncharge (Rafael Aquini) [RHEL-43132 RHEL-37467]
{CVE-2024-36000}
- net/sched: Fix UAF when resolving a clash (CKI Backport Bot) [RHEL-51022 RHEL-51020] {CVE-2024-41040}
- KVM: SVM: Flush pages under kvm->lock to fix UAF in svm_register_enc_region() (Maxim Levitsky)
[RHEL-41462 RHEL-32430] {CVE-2024-35791}
- cxl/region: Fix memregion leaks in devm_cxl_add_region() (John W. Linville) [RHEL-47965 RHEL-23582]
{CVE-2024-40936}
- x86/coco: Require seeding RNG with RDRAND on CoCo systems (Lenny Szubowicz) [RHEL-42986 RHEL-37269]
{CVE-2024-35875}
Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://linux.oracle.com/errata/ELSA-2024-6567.html");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-41096");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2024/02/15");
script_set_attribute(attribute:"patch_publication_date", value:"2024/09/11");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/09/12");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:linux:9::appstream");
script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:linux:9::codeready_builder");
script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:9");
script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:9:4:baseos_patch");
script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:9::baseos_latest");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:bpftool");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-abi-stablelists");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-cross-headers");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-debug");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-debug-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-debug-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-debug-devel-matched");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-debug-modules");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-debug-modules-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-debug-modules-extra");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-debug-uki-virt");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-devel-matched");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-headers");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-modules");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-modules-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-modules-extra");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-tools");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-tools-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-tools-libs-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-uki-virt");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:libperf");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perf");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python3-perf");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:rtla");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:rv");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Oracle Linux Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("linux_alt_patch_detect.nasl", "ssh_get_info.nasl");
script_require_keys("Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/local_checks_enabled");
exit(0);
}
include('ksplice.inc');
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');
var os_release = get_kb_item("Host/RedHat/release");
if (isnull(os_release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:os_release)) audit(AUDIT_OS_NOT, 'Oracle Linux');
var os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');
os_ver = os_ver[1];
if (! preg(pattern:"^9([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 9', 'Oracle Linux ' + os_ver);
if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);
var machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');
if (machine_uptrack_level)
{
var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:"\.(x86_64|i[3-6]86|aarch64)$", replace:'');
var fixed_uptrack_levels = ['5.14.0-427.35.1.el9_4'];
foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {
if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)
{
audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2024-6567');
}
}
__rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\n\n';
}
var kernel_major_minor = get_kb_item('Host/uname/major_minor');
if (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');
var expected_kernel_major_minor = '5.14';
if (kernel_major_minor != expected_kernel_major_minor)
audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);
var pkgs = [
{'reference':'bpftool-7.3.0-427.35.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-5.14.0-427.35.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.14.0'},
{'reference':'kernel-abi-stablelists-5.14.0-427.35.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-abi-stablelists-5.14.0'},
{'reference':'kernel-core-5.14.0-427.35.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-core-5.14.0'},
{'reference':'kernel-cross-headers-5.14.0-427.35.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-cross-headers-5.14.0'},
{'reference':'kernel-debug-5.14.0-427.35.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-5.14.0'},
{'reference':'kernel-debug-core-5.14.0-427.35.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-core-5.14.0'},
{'reference':'kernel-debug-devel-5.14.0-427.35.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-devel-5.14.0'},
{'reference':'kernel-debug-devel-matched-5.14.0-427.35.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-devel-matched-5.14.0'},
{'reference':'kernel-debug-modules-5.14.0-427.35.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-modules-5.14.0'},
{'reference':'kernel-debug-modules-core-5.14.0-427.35.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-modules-core-5.14.0'},
{'reference':'kernel-debug-modules-extra-5.14.0-427.35.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-modules-extra-5.14.0'},
{'reference':'kernel-debug-uki-virt-5.14.0-427.35.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-uki-virt-5.14.0'},
{'reference':'kernel-devel-5.14.0-427.35.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-devel-5.14.0'},
{'reference':'kernel-devel-matched-5.14.0-427.35.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-devel-matched-5.14.0'},
{'reference':'kernel-headers-5.14.0-427.35.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-headers-5.14.0'},
{'reference':'kernel-modules-5.14.0-427.35.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-modules-5.14.0'},
{'reference':'kernel-modules-core-5.14.0-427.35.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-modules-core-5.14.0'},
{'reference':'kernel-modules-extra-5.14.0-427.35.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-modules-extra-5.14.0'},
{'reference':'kernel-tools-5.14.0-427.35.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-tools-5.14.0'},
{'reference':'kernel-tools-libs-5.14.0-427.35.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-tools-libs-5.14.0'},
{'reference':'kernel-tools-libs-devel-5.14.0-427.35.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-tools-libs-devel-5.14.0'},
{'reference':'kernel-uki-virt-5.14.0-427.35.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uki-virt-5.14.0'},
{'reference':'libperf-5.14.0-427.35.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'perf-5.14.0-427.35.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python3-perf-5.14.0-427.35.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rtla-5.14.0-427.35.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rv-5.14.0-427.35.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'bpftool-7.3.0-427.35.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-5.14.0-427.35.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.14.0'},
{'reference':'kernel-abi-stablelists-5.14.0-427.35.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-abi-stablelists-5.14.0'},
{'reference':'kernel-core-5.14.0-427.35.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-core-5.14.0'},
{'reference':'kernel-cross-headers-5.14.0-427.35.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-cross-headers-5.14.0'},
{'reference':'kernel-debug-5.14.0-427.35.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-5.14.0'},
{'reference':'kernel-debug-core-5.14.0-427.35.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-core-5.14.0'},
{'reference':'kernel-debug-devel-5.14.0-427.35.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-devel-5.14.0'},
{'reference':'kernel-debug-devel-matched-5.14.0-427.35.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-devel-matched-5.14.0'},
{'reference':'kernel-debug-modules-5.14.0-427.35.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-modules-5.14.0'},
{'reference':'kernel-debug-modules-core-5.14.0-427.35.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-modules-core-5.14.0'},
{'reference':'kernel-debug-modules-extra-5.14.0-427.35.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-modules-extra-5.14.0'},
{'reference':'kernel-debug-uki-virt-5.14.0-427.35.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-uki-virt-5.14.0'},
{'reference':'kernel-devel-5.14.0-427.35.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-devel-5.14.0'},
{'reference':'kernel-devel-matched-5.14.0-427.35.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-devel-matched-5.14.0'},
{'reference':'kernel-headers-5.14.0-427.35.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-headers-5.14.0'},
{'reference':'kernel-modules-5.14.0-427.35.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-modules-5.14.0'},
{'reference':'kernel-modules-core-5.14.0-427.35.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-modules-core-5.14.0'},
{'reference':'kernel-modules-extra-5.14.0-427.35.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-modules-extra-5.14.0'},
{'reference':'kernel-tools-5.14.0-427.35.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-tools-5.14.0'},
{'reference':'kernel-tools-libs-5.14.0-427.35.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-tools-libs-5.14.0'},
{'reference':'kernel-tools-libs-devel-5.14.0-427.35.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-tools-libs-devel-5.14.0'},
{'reference':'kernel-uki-virt-5.14.0-427.35.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uki-virt-5.14.0'},
{'reference':'libperf-5.14.0-427.35.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'perf-5.14.0-427.35.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python3-perf-5.14.0-427.35.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rtla-5.14.0-427.35.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rv-5.14.0-427.35.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE}
];
var flag = 0;
foreach var package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
var exists_check = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = 'EL' + package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (reference && _release) {
if (exists_check) {
if (rpm_exists(release:_release, rpm:exists_check) && rpm_check(release:_release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
} else {
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
}
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bpftool / kernel / kernel-abi-stablelists / etc');
}
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52463
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52801
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26629
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26630
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26720
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26886
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26946
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35791
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35797
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35875
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36000
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36019
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36883
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36979
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38559
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38619
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-40927
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-40936
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41040
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41044
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41055
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41073
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41096
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42082
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42096
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42102
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42131
linux.oracle.com/errata/ELSA-2024-6567.html
Related
osv
osv
Moderate: kernel security update
2024-09-17 00:57:55
Moderate: kernel security update
2024-09-17 00:55:50
CVE-2024-42082
2024-07-29 16:15:07
nessus
nessus
RHEL 9 : kernel (RHSA-2024:6567)
2024-09-11 00:00:00
Rocky Linux 9 : kernel (RLSA-2024:6567)
2024-09-16 00:00:00
RHEL 9 : kernel-rt (RHSA-2024:6268)
2024-09-04 00:00:00
oraclelinux
oraclelinux
kernel security update
2024-09-11 00:00:00
redhat
redhat
(RHSA-2024:6567) Moderate: kernel security update
2024-09-11 00:05:08
(RHSA-2024:6268) Moderate: kernel-rt security update
2024-09-04 00:06:53
(RHSA-2024:6267) Moderate: kernel security update
2024-09-04 00:06:41
rocky
rocky
kernel security update
2024-09-17 00:55:50
kernel security update
2024-09-17 00:57:55
ubuntucve
ubuntucve
nvd
nvd
vulnrichment
vulnrichment
CVE-2023-52801 iommufd: Fix missing update of domains_itree after splitting iopt_area
2024-05-21 15:31:13
CVE-2024-41096 PCI/MSI: Fix UAF in msi_capability_init
2024-07-29 15:48:09
CVE-2024-35875 x86/coco: Require seeding RNG with RDRAND on CoCo systems
2024-05-19 08:34:32
debiancve
debiancve
redhatcve
redhatcve
cvelist
cvelist
CVE-2024-26630 mm: cachestat: fix folio read-after-free in cache walk
2024-03-13 15:50:32
CVE-2023-52801 iommufd: Fix missing update of domains_itree after splitting iopt_area
2024-05-21 15:31:13
CVE-2024-41096 PCI/MSI: Fix UAF in msi_capability_init
2024-07-29 15:48:09
cbl_mariner
cbl_mariner
CVE-2024-42082 affecting package kernel for versions less than 5.15.162.2-1
2024-08-05 03:22:58
CVE-2024-42082 affecting package kernel for versions less than 6.6.43.1-7
2024-08-14 20:43:58
CVE-2024-41096 affecting package kernel for versions less than 6.6.43.1-7
2024-08-14 20:43:58
cve
cve
CVSS3
9.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
AI Score
8.6
Confidence
Low
EPSS
0.001
Percentile
17.8%
Related for ORACLELINUX_ELSA-2024-6567.NASL