CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:P/I:P/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
33.4%
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1804 advisory.
X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon.
Mesa provides a 3D graphics API that is compatible with Open Graphics Library (OpenGL). It also provides hardware-accelerated drivers for many popular graphics chips.
The following packages have been upgraded to a later upstream version: egl-wayland (1.1.5), libdrm (2.4.103), libglvnd (1.3.2), libinput (1.16.3), libwacom (1.6), mesa (20.3.3), xorg-x11-server (1.20.10).
(BZ#1878160, BZ#1886648, BZ#1887654, BZ#1887655)
Security Fix(es):
* xorg-x11-server: Out-of-bounds access in XkbSetNames function (CVE-2020-14345)
* xorg-x11-server: Integer underflow in the X input extension protocol (CVE-2020-14346)
* xorg-x11-server: Out-of-bounds access in XkbSetMap function (CVE-2020-14360)
* xorg-x11-server: XkbSelectEvents integer underflow privilege escalation vulnerability (CVE-2020-14361)
* xorg-x11-server: XRecordRegisterClients integer underflow privilege escalation vulnerability (CVE-2020-14362)
* libX11: Integer overflow leads to double free in locale handling (CVE-2020-14363)
* xorg-x11-server: XkbSetDeviceInfo heap-based buffer overflow privilege escalation vulnerability (CVE-2020-25712)
* libX11: Heap overflow in the X input method client (CVE-2020-14344)
* xorg-x11-server: Leak of uninitialized heap memory from the X server to clients in AllocatePixmap of dix/pixmap.c (CVE-2020-14347)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.4 Release Notes linked from the References section.
Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 70300
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2021:1804. The text
# itself is copyright (C) Red Hat, Inc.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(149659);
script_version("1.10");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/06/04");
script_cve_id(
"CVE-2020-14344",
"CVE-2020-14345",
"CVE-2020-14346",
"CVE-2020-14347",
"CVE-2020-14360",
"CVE-2020-14361",
"CVE-2020-14362",
"CVE-2020-14363",
"CVE-2020-25712"
);
script_xref(name:"RHSA", value:"2021:1804");
script_xref(name:"IAVB", value:"2020-B-0051");
script_name(english:"RHEL 8 : userspace graphics, xorg-x11, and mesa (RHSA-2021:1804)");
script_set_attribute(attribute:"synopsis", value:
"The remote Red Hat host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as
referenced in the RHSA-2021:1804 advisory.
X.Org is an open-source implementation of the X Window System. It provides the basic low-level
functionality that full-fledged graphical user interfaces are designed upon.
Mesa provides a 3D graphics API that is compatible with Open Graphics Library (OpenGL). It also provides
hardware-accelerated drivers for many popular graphics chips.
The following packages have been upgraded to a later upstream version: egl-wayland (1.1.5), libdrm
(2.4.103), libglvnd (1.3.2), libinput (1.16.3), libwacom (1.6), mesa (20.3.3), xorg-x11-server (1.20.10).
(BZ#1878160, BZ#1886648, BZ#1887654, BZ#1887655)
Security Fix(es):
* xorg-x11-server: Out-of-bounds access in XkbSetNames function (CVE-2020-14345)
* xorg-x11-server: Integer underflow in the X input extension protocol (CVE-2020-14346)
* xorg-x11-server: Out-of-bounds access in XkbSetMap function (CVE-2020-14360)
* xorg-x11-server: XkbSelectEvents integer underflow privilege escalation vulnerability (CVE-2020-14361)
* xorg-x11-server: XRecordRegisterClients integer underflow privilege escalation vulnerability
(CVE-2020-14362)
* libX11: Integer overflow leads to double free in locale handling (CVE-2020-14363)
* xorg-x11-server: XkbSetDeviceInfo heap-based buffer overflow privilege escalation vulnerability
(CVE-2020-25712)
* libX11: Heap overflow in the X input method client (CVE-2020-14344)
* xorg-x11-server: Leak of uninitialized heap memory from the X server to clients in AllocatePixmap of
dix/pixmap.c (CVE-2020-14347)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and
other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.4 Release Notes
linked from the References section.
Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.4_release_notes/
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?862005a9");
# https://access.redhat.com/security/data/csaf/v2/advisories/2021/rhsa-2021_1804.json
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?d9b8c07d");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/updates/classification/#moderate");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2021:1804");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1826141");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1854920");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1856738");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1862241");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1862246");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1862255");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1862258");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1863142");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1869139");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1869142");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1869144");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1872473");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1878160");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1886644");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1886648");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1887276");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1887654");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1887655");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1891871");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1896442");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1897439");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1914411");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-14360");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2020-25712");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_cwe_id(119, 122, 190, 191, 416, 665);
script_set_attribute(attribute:"vendor_severity", value:"Moderate");
script_set_attribute(attribute:"vuln_publication_date", value:"2020/08/05");
script_set_attribute(attribute:"patch_publication_date", value:"2021/05/18");
script_set_attribute(attribute:"plugin_publication_date", value:"2021/05/19");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:8");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:egl-wayland");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libX11");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libX11-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libX11-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libX11-xcb");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libdrm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libdrm-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libglvnd");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libglvnd-core-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libglvnd-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libglvnd-egl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libglvnd-gles");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libglvnd-glx");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libglvnd-opengl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libinput");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libinput-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libinput-utils");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libwacom");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libwacom-data");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libwacom-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mesa");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mesa-dri-drivers");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mesa-filesystem");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mesa-libEGL");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mesa-libEGL-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mesa-libGL");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mesa-libGL-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mesa-libOSMesa");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mesa-libOSMesa-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mesa-libgbm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mesa-libgbm-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mesa-libglapi");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mesa-libxatracker");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mesa-vdpau-drivers");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mesa-vulkan-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mesa-vulkan-drivers");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xorg-x11-drivers");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xorg-x11-server");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xorg-x11-server-Xdmx");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xorg-x11-server-Xephyr");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xorg-x11-server-Xnest");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xorg-x11-server-Xorg");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xorg-x11-server-Xvfb");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xorg-x11-server-Xwayland");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xorg-x11-server-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xorg-x11-server-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:xorg-x11-server-source");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_set_attribute(attribute:"stig_severity", value:"II");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Red Hat Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl", "redhat_repos.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
exit(0);
}
include('rpm.inc');
include('rhel.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/RedHat/release');
if (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');
var os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');
os_ver = os_ver[1];
if (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);
if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);
var constraints = [
{
'repo_relative_urls': [
'content/dist/rhel8/8.10/aarch64/appstream/debug',
'content/dist/rhel8/8.10/aarch64/appstream/os',
'content/dist/rhel8/8.10/aarch64/appstream/source/SRPMS',
'content/dist/rhel8/8.10/aarch64/codeready-builder/debug',
'content/dist/rhel8/8.10/aarch64/codeready-builder/os',
'content/dist/rhel8/8.10/aarch64/codeready-builder/source/SRPMS',
'content/dist/rhel8/8.10/ppc64le/appstream/debug',
'content/dist/rhel8/8.10/ppc64le/appstream/os',
'content/dist/rhel8/8.10/ppc64le/appstream/source/SRPMS',
'content/dist/rhel8/8.10/ppc64le/codeready-builder/debug',
'content/dist/rhel8/8.10/ppc64le/codeready-builder/os',
'content/dist/rhel8/8.10/ppc64le/codeready-builder/source/SRPMS',
'content/dist/rhel8/8.10/x86_64/appstream/debug',
'content/dist/rhel8/8.10/x86_64/appstream/os',
'content/dist/rhel8/8.10/x86_64/appstream/source/SRPMS',
'content/dist/rhel8/8.10/x86_64/codeready-builder/debug',
'content/dist/rhel8/8.10/x86_64/codeready-builder/os',
'content/dist/rhel8/8.10/x86_64/codeready-builder/source/SRPMS',
'content/dist/rhel8/8.6/aarch64/appstream/debug',
'content/dist/rhel8/8.6/aarch64/appstream/os',
'content/dist/rhel8/8.6/aarch64/appstream/source/SRPMS',
'content/dist/rhel8/8.6/aarch64/codeready-builder/debug',
'content/dist/rhel8/8.6/aarch64/codeready-builder/os',
'content/dist/rhel8/8.6/aarch64/codeready-builder/source/SRPMS',
'content/dist/rhel8/8.6/ppc64le/appstream/debug',
'content/dist/rhel8/8.6/ppc64le/appstream/os',
'content/dist/rhel8/8.6/ppc64le/appstream/source/SRPMS',
'content/dist/rhel8/8.6/ppc64le/codeready-builder/debug',
'content/dist/rhel8/8.6/ppc64le/codeready-builder/os',
'content/dist/rhel8/8.6/ppc64le/codeready-builder/source/SRPMS',
'content/dist/rhel8/8.6/x86_64/appstream/debug',
'content/dist/rhel8/8.6/x86_64/appstream/os',
'content/dist/rhel8/8.6/x86_64/appstream/source/SRPMS',
'content/dist/rhel8/8.6/x86_64/codeready-builder/debug',
'content/dist/rhel8/8.6/x86_64/codeready-builder/os',
'content/dist/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',
'content/dist/rhel8/8.8/aarch64/appstream/debug',
'content/dist/rhel8/8.8/aarch64/appstream/os',
'content/dist/rhel8/8.8/aarch64/appstream/source/SRPMS',
'content/dist/rhel8/8.8/aarch64/codeready-builder/debug',
'content/dist/rhel8/8.8/aarch64/codeready-builder/os',
'content/dist/rhel8/8.8/aarch64/codeready-builder/source/SRPMS',
'content/dist/rhel8/8.8/ppc64le/appstream/debug',
'content/dist/rhel8/8.8/ppc64le/appstream/os',
'content/dist/rhel8/8.8/ppc64le/appstream/source/SRPMS',
'content/dist/rhel8/8.8/ppc64le/codeready-builder/debug',
'content/dist/rhel8/8.8/ppc64le/codeready-builder/os',
'content/dist/rhel8/8.8/ppc64le/codeready-builder/source/SRPMS',
'content/dist/rhel8/8.8/x86_64/appstream/debug',
'content/dist/rhel8/8.8/x86_64/appstream/os',
'content/dist/rhel8/8.8/x86_64/appstream/source/SRPMS',
'content/dist/rhel8/8.8/x86_64/codeready-builder/debug',
'content/dist/rhel8/8.8/x86_64/codeready-builder/os',
'content/dist/rhel8/8.8/x86_64/codeready-builder/source/SRPMS',
'content/dist/rhel8/8.9/aarch64/appstream/debug',
'content/dist/rhel8/8.9/aarch64/appstream/os',
'content/dist/rhel8/8.9/aarch64/appstream/source/SRPMS',
'content/dist/rhel8/8.9/aarch64/codeready-builder/debug',
'content/dist/rhel8/8.9/aarch64/codeready-builder/os',
'content/dist/rhel8/8.9/aarch64/codeready-builder/source/SRPMS',
'content/dist/rhel8/8.9/ppc64le/appstream/debug',
'content/dist/rhel8/8.9/ppc64le/appstream/os',
'content/dist/rhel8/8.9/ppc64le/appstream/source/SRPMS',
'content/dist/rhel8/8.9/ppc64le/codeready-builder/debug',
'content/dist/rhel8/8.9/ppc64le/codeready-builder/os',
'content/dist/rhel8/8.9/ppc64le/codeready-builder/source/SRPMS',
'content/dist/rhel8/8.9/x86_64/appstream/debug',
'content/dist/rhel8/8.9/x86_64/appstream/os',
'content/dist/rhel8/8.9/x86_64/appstream/source/SRPMS',
'content/dist/rhel8/8.9/x86_64/codeready-builder/debug',
'content/dist/rhel8/8.9/x86_64/codeready-builder/os',
'content/dist/rhel8/8.9/x86_64/codeready-builder/source/SRPMS',
'content/dist/rhel8/8/aarch64/appstream/debug',
'content/dist/rhel8/8/aarch64/appstream/os',
'content/dist/rhel8/8/aarch64/appstream/source/SRPMS',
'content/dist/rhel8/8/aarch64/codeready-builder/debug',
'content/dist/rhel8/8/aarch64/codeready-builder/os',
'content/dist/rhel8/8/aarch64/codeready-builder/source/SRPMS',
'content/dist/rhel8/8/ppc64le/appstream/debug',
'content/dist/rhel8/8/ppc64le/appstream/os',
'content/dist/rhel8/8/ppc64le/appstream/source/SRPMS',
'content/dist/rhel8/8/ppc64le/codeready-builder/debug',
'content/dist/rhel8/8/ppc64le/codeready-builder/os',
'content/dist/rhel8/8/ppc64le/codeready-builder/source/SRPMS',
'content/dist/rhel8/8/x86_64/appstream/debug',
'content/dist/rhel8/8/x86_64/appstream/os',
'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',
'content/dist/rhel8/8/x86_64/codeready-builder/debug',
'content/dist/rhel8/8/x86_64/codeready-builder/os',
'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS'
],
'pkgs': [
{'reference':'libinput-1.16.3-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libinput-devel-1.16.3-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libinput-utils-1.16.3-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libwacom-1.6-2.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libwacom-data-1.6-2.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libwacom-devel-1.6-2.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mesa-dri-drivers-20.3.3-2.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mesa-filesystem-20.3.3-2.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mesa-libEGL-20.3.3-2.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mesa-libEGL-devel-20.3.3-2.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mesa-libgbm-20.3.3-2.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mesa-libgbm-devel-20.3.3-2.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mesa-libGL-20.3.3-2.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mesa-libGL-devel-20.3.3-2.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mesa-libglapi-20.3.3-2.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mesa-libOSMesa-20.3.3-2.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mesa-libOSMesa-devel-20.3.3-2.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mesa-libxatracker-20.3.3-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mesa-libxatracker-20.3.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mesa-libxatracker-20.3.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mesa-vdpau-drivers-20.3.3-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mesa-vdpau-drivers-20.3.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mesa-vdpau-drivers-20.3.3-2.el8', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mesa-vdpau-drivers-20.3.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mesa-vulkan-devel-20.3.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mesa-vulkan-devel-20.3.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mesa-vulkan-drivers-20.3.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mesa-vulkan-drivers-20.3.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'xorg-x11-server-common-1.20.10-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'xorg-x11-server-devel-1.20.10-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'xorg-x11-server-source-1.20.10-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'xorg-x11-server-Xdmx-1.20.10-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'xorg-x11-server-Xephyr-1.20.10-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'xorg-x11-server-Xnest-1.20.10-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'xorg-x11-server-Xorg-1.20.10-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'xorg-x11-server-Xvfb-1.20.10-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'xorg-x11-server-Xwayland-1.20.10-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE}
]
},
{
'repo_relative_urls': [
'content/dist/rhel8/8.10/aarch64/appstream/debug',
'content/dist/rhel8/8.10/aarch64/appstream/os',
'content/dist/rhel8/8.10/aarch64/appstream/source/SRPMS',
'content/dist/rhel8/8.10/ppc64le/appstream/debug',
'content/dist/rhel8/8.10/ppc64le/appstream/os',
'content/dist/rhel8/8.10/ppc64le/appstream/source/SRPMS',
'content/dist/rhel8/8.10/x86_64/appstream/debug',
'content/dist/rhel8/8.10/x86_64/appstream/os',
'content/dist/rhel8/8.10/x86_64/appstream/source/SRPMS',
'content/dist/rhel8/8.6/aarch64/appstream/debug',
'content/dist/rhel8/8.6/aarch64/appstream/os',
'content/dist/rhel8/8.6/aarch64/appstream/source/SRPMS',
'content/dist/rhel8/8.6/ppc64le/appstream/debug',
'content/dist/rhel8/8.6/ppc64le/appstream/os',
'content/dist/rhel8/8.6/ppc64le/appstream/source/SRPMS',
'content/dist/rhel8/8.6/x86_64/appstream/debug',
'content/dist/rhel8/8.6/x86_64/appstream/os',
'content/dist/rhel8/8.6/x86_64/appstream/source/SRPMS',
'content/dist/rhel8/8.8/aarch64/appstream/debug',
'content/dist/rhel8/8.8/aarch64/appstream/os',
'content/dist/rhel8/8.8/aarch64/appstream/source/SRPMS',
'content/dist/rhel8/8.8/ppc64le/appstream/debug',
'content/dist/rhel8/8.8/ppc64le/appstream/os',
'content/dist/rhel8/8.8/ppc64le/appstream/source/SRPMS',
'content/dist/rhel8/8.8/x86_64/appstream/debug',
'content/dist/rhel8/8.8/x86_64/appstream/os',
'content/dist/rhel8/8.8/x86_64/appstream/source/SRPMS',
'content/dist/rhel8/8.9/aarch64/appstream/debug',
'content/dist/rhel8/8.9/aarch64/appstream/os',
'content/dist/rhel8/8.9/aarch64/appstream/source/SRPMS',
'content/dist/rhel8/8.9/ppc64le/appstream/debug',
'content/dist/rhel8/8.9/ppc64le/appstream/os',
'content/dist/rhel8/8.9/ppc64le/appstream/source/SRPMS',
'content/dist/rhel8/8.9/x86_64/appstream/debug',
'content/dist/rhel8/8.9/x86_64/appstream/os',
'content/dist/rhel8/8.9/x86_64/appstream/source/SRPMS',
'content/dist/rhel8/8/aarch64/appstream/debug',
'content/dist/rhel8/8/aarch64/appstream/os',
'content/dist/rhel8/8/aarch64/appstream/source/SRPMS',
'content/dist/rhel8/8/ppc64le/appstream/debug',
'content/dist/rhel8/8/ppc64le/appstream/os',
'content/dist/rhel8/8/ppc64le/appstream/source/SRPMS',
'content/dist/rhel8/8/x86_64/appstream/debug',
'content/dist/rhel8/8/x86_64/appstream/os',
'content/dist/rhel8/8/x86_64/appstream/source/SRPMS'
],
'pkgs': [
{'reference':'egl-wayland-1.1.5-3.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libdrm-2.4.103-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libdrm-devel-2.4.103-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libglvnd-1.3.2-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'libglvnd-core-devel-1.3.2-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'libglvnd-devel-1.3.2-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'libglvnd-egl-1.3.2-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'libglvnd-gles-1.3.2-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'libglvnd-glx-1.3.2-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'libglvnd-opengl-1.3.2-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'libX11-1.6.8-4.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libX11-common-1.6.8-4.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libX11-devel-1.6.8-4.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libX11-xcb-1.6.8-4.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'xorg-x11-drivers-7.7-30.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE}
]
}
];
var applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);
if(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);
var flag = 0;
foreach var constraint_array ( constraints ) {
var repo_relative_urls = NULL;
if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];
foreach var pkg ( constraint_array['pkgs'] ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
var exists_check = NULL;
var cves = NULL;
if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];
if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
if (reference &&
_release &&
rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&
(applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&
rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
}
}
if (flag)
{
var extra = NULL;
if (isnull(applicable_repo_urls) || !applicable_repo_urls) extra = rpm_report_get() + redhat_report_repo_caveat();
else extra = rpm_report_get();
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : extra
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'egl-wayland / libX11 / libX11-common / libX11-devel / libX11-xcb / etc');
}
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14344
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14345
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14346
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14347
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14360
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14361
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14362
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14363
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25712
www.nessus.org/u?862005a9
www.nessus.org/u?d9b8c07d
access.redhat.com/errata/RHSA-2021:1804
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=1826141
bugzilla.redhat.com/show_bug.cgi?id=1854920
bugzilla.redhat.com/show_bug.cgi?id=1856738
bugzilla.redhat.com/show_bug.cgi?id=1862241
bugzilla.redhat.com/show_bug.cgi?id=1862246
bugzilla.redhat.com/show_bug.cgi?id=1862255
bugzilla.redhat.com/show_bug.cgi?id=1862258
bugzilla.redhat.com/show_bug.cgi?id=1863142
bugzilla.redhat.com/show_bug.cgi?id=1869139
bugzilla.redhat.com/show_bug.cgi?id=1869142
bugzilla.redhat.com/show_bug.cgi?id=1869144
bugzilla.redhat.com/show_bug.cgi?id=1872473
bugzilla.redhat.com/show_bug.cgi?id=1878160
bugzilla.redhat.com/show_bug.cgi?id=1886644
bugzilla.redhat.com/show_bug.cgi?id=1886648
bugzilla.redhat.com/show_bug.cgi?id=1887276
bugzilla.redhat.com/show_bug.cgi?id=1887654
bugzilla.redhat.com/show_bug.cgi?id=1887655
bugzilla.redhat.com/show_bug.cgi?id=1891871
bugzilla.redhat.com/show_bug.cgi?id=1896442
bugzilla.redhat.com/show_bug.cgi?id=1897439
bugzilla.redhat.com/show_bug.cgi?id=1914411
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:P/I:P/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
33.4%