Lucene search
This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2022-8431.NASLHistoryNov 16, 2022 - 12:00 a.m.
RHEL 9 : podman (RHSA-2022:8431)
2022-11-1600:00:00
This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
14
red hat
security
update
rhel 9
podman
cve-2022-2989
cve-2022-2990
information disclosure
modification
7.1 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
7.8 High
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
17.8%
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:8431 advisory.
-
podman: possible information disclosure and modification (CVE-2022-2989)
-
buildah: possible information disclosure and modification (CVE-2022-2990)
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2022:8431. The text
# itself is copyright (C) Red Hat, Inc.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(167608);
script_version("1.7");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/28");
script_cve_id("CVE-2022-2989", "CVE-2022-2990");
script_xref(name:"RHSA", value:"2022:8431");
script_name(english:"RHEL 9 : podman (RHSA-2022:8431)");
script_set_attribute(attribute:"synopsis", value:
"The remote Red Hat host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as
referenced in the RHSA-2022:8431 advisory.
- podman: possible information disclosure and modification (CVE-2022-2989)
- buildah: possible information disclosure and modification (CVE-2022-2990)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?1f1eb6cc");
# https://access.redhat.com/security/data/csaf/v2/advisories/2022/rhsa-2022_8431.json
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?d986a371");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/updates/classification/#low");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2120436");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2121445");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2121453");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2123319");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2123905");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2124676");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2124716");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2136278");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2136281");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2136287");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2022:8431");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:N");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-2990");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_cwe_id(842);
script_set_attribute(attribute:"vendor_severity", value:"Low");
script_set_attribute(attribute:"vuln_publication_date", value:"2022/09/13");
script_set_attribute(attribute:"patch_publication_date", value:"2022/11/15");
script_set_attribute(attribute:"plugin_publication_date", value:"2022/11/16");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:9");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:podman");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:podman-catatonit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:podman-docker");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:podman-gvproxy");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:podman-plugins");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:podman-remote");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:podman-tests");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Red Hat Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl", "redhat_repos.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
exit(0);
}
include('rpm.inc');
include('rhel.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/RedHat/release');
if (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');
var os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');
os_ver = os_ver[1];
if (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '9')) audit(AUDIT_OS_NOT, 'Red Hat 9.x', 'Red Hat ' + os_ver);
if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);
var constraints = [
{
'repo_relative_urls': [
'content/dist/rhel9/9.1/aarch64/appstream/debug',
'content/dist/rhel9/9.1/aarch64/appstream/os',
'content/dist/rhel9/9.1/aarch64/appstream/source/SRPMS',
'content/dist/rhel9/9.1/ppc64le/appstream/debug',
'content/dist/rhel9/9.1/ppc64le/appstream/os',
'content/dist/rhel9/9.1/ppc64le/appstream/source/SRPMS',
'content/dist/rhel9/9.1/s390x/appstream/debug',
'content/dist/rhel9/9.1/s390x/appstream/os',
'content/dist/rhel9/9.1/s390x/appstream/source/SRPMS',
'content/dist/rhel9/9.1/x86_64/appstream/debug',
'content/dist/rhel9/9.1/x86_64/appstream/os',
'content/dist/rhel9/9.1/x86_64/appstream/source/SRPMS',
'content/dist/rhel9/9.2/aarch64/appstream/debug',
'content/dist/rhel9/9.2/aarch64/appstream/os',
'content/dist/rhel9/9.2/aarch64/appstream/source/SRPMS',
'content/dist/rhel9/9.2/ppc64le/appstream/debug',
'content/dist/rhel9/9.2/ppc64le/appstream/os',
'content/dist/rhel9/9.2/ppc64le/appstream/source/SRPMS',
'content/dist/rhel9/9.2/s390x/appstream/debug',
'content/dist/rhel9/9.2/s390x/appstream/os',
'content/dist/rhel9/9.2/s390x/appstream/source/SRPMS',
'content/dist/rhel9/9.2/x86_64/appstream/debug',
'content/dist/rhel9/9.2/x86_64/appstream/os',
'content/dist/rhel9/9.2/x86_64/appstream/source/SRPMS',
'content/dist/rhel9/9.3/aarch64/appstream/debug',
'content/dist/rhel9/9.3/aarch64/appstream/os',
'content/dist/rhel9/9.3/aarch64/appstream/source/SRPMS',
'content/dist/rhel9/9.3/ppc64le/appstream/debug',
'content/dist/rhel9/9.3/ppc64le/appstream/os',
'content/dist/rhel9/9.3/ppc64le/appstream/source/SRPMS',
'content/dist/rhel9/9.3/s390x/appstream/debug',
'content/dist/rhel9/9.3/s390x/appstream/os',
'content/dist/rhel9/9.3/s390x/appstream/source/SRPMS',
'content/dist/rhel9/9.3/x86_64/appstream/debug',
'content/dist/rhel9/9.3/x86_64/appstream/os',
'content/dist/rhel9/9.3/x86_64/appstream/source/SRPMS',
'content/dist/rhel9/9.4/aarch64/appstream/debug',
'content/dist/rhel9/9.4/aarch64/appstream/os',
'content/dist/rhel9/9.4/aarch64/appstream/source/SRPMS',
'content/dist/rhel9/9.4/ppc64le/appstream/debug',
'content/dist/rhel9/9.4/ppc64le/appstream/os',
'content/dist/rhel9/9.4/ppc64le/appstream/source/SRPMS',
'content/dist/rhel9/9.4/s390x/appstream/debug',
'content/dist/rhel9/9.4/s390x/appstream/os',
'content/dist/rhel9/9.4/s390x/appstream/source/SRPMS',
'content/dist/rhel9/9.4/x86_64/appstream/debug',
'content/dist/rhel9/9.4/x86_64/appstream/os',
'content/dist/rhel9/9.4/x86_64/appstream/source/SRPMS',
'content/dist/rhel9/9/aarch64/appstream/debug',
'content/dist/rhel9/9/aarch64/appstream/os',
'content/dist/rhel9/9/aarch64/appstream/source/SRPMS',
'content/dist/rhel9/9/ppc64le/appstream/debug',
'content/dist/rhel9/9/ppc64le/appstream/os',
'content/dist/rhel9/9/ppc64le/appstream/source/SRPMS',
'content/dist/rhel9/9/s390x/appstream/debug',
'content/dist/rhel9/9/s390x/appstream/os',
'content/dist/rhel9/9/s390x/appstream/source/SRPMS',
'content/dist/rhel9/9/x86_64/appstream/debug',
'content/dist/rhel9/9/x86_64/appstream/os',
'content/dist/rhel9/9/x86_64/appstream/source/SRPMS'
],
'pkgs': [
{'reference':'podman-4.2.0-7.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},
{'reference':'podman-catatonit-4.2.0-7.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},
{'reference':'podman-docker-4.2.0-7.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},
{'reference':'podman-gvproxy-4.2.0-7.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},
{'reference':'podman-plugins-4.2.0-7.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},
{'reference':'podman-remote-4.2.0-7.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},
{'reference':'podman-tests-4.2.0-7.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'}
]
}
];
var applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);
if(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);
var flag = 0;
foreach var constraint_array ( constraints ) {
var repo_relative_urls = NULL;
if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];
foreach var pkg ( constraint_array['pkgs'] ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
var exists_check = NULL;
var cves = NULL;
if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];
if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
if (reference &&
_release &&
rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&
(applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&
rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
}
}
if (flag)
{
var extra = NULL;
if (isnull(applicable_repo_urls) || !applicable_repo_urls) extra = rpm_report_get() + redhat_report_repo_caveat();
else extra = rpm_report_get();
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : extra
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'podman / podman-catatonit / podman-docker / podman-gvproxy / etc');
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| redhat | enterprise_linux | 9 | cpe:/o:redhat:enterprise_linux:9 |
| redhat | enterprise_linux | podman | p-cpe:/a:redhat:enterprise_linux:podman |
| redhat | enterprise_linux | podman-catatonit | p-cpe:/a:redhat:enterprise_linux:podman-catatonit |
| redhat | enterprise_linux | podman-docker | p-cpe:/a:redhat:enterprise_linux:podman-docker |
| redhat | enterprise_linux | podman-gvproxy | p-cpe:/a:redhat:enterprise_linux:podman-gvproxy |
| redhat | enterprise_linux | podman-plugins | p-cpe:/a:redhat:enterprise_linux:podman-plugins |
| redhat | enterprise_linux | podman-remote | p-cpe:/a:redhat:enterprise_linux:podman-remote |
| redhat | enterprise_linux | podman-tests | p-cpe:/a:redhat:enterprise_linux:podman-tests |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2989
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2990
www.nessus.org/u?1f1eb6cc
www.nessus.org/u?d986a371
access.redhat.com/errata/RHSA-2022:8431
access.redhat.com/security/updates/classification/#low
bugzilla.redhat.com/show_bug.cgi?id=2120436
bugzilla.redhat.com/show_bug.cgi?id=2121445
bugzilla.redhat.com/show_bug.cgi?id=2121453
bugzilla.redhat.com/show_bug.cgi?id=2123319
bugzilla.redhat.com/show_bug.cgi?id=2123905
bugzilla.redhat.com/show_bug.cgi?id=2124676
bugzilla.redhat.com/show_bug.cgi?id=2124716
bugzilla.redhat.com/show_bug.cgi?id=2136278
bugzilla.redhat.com/show_bug.cgi?id=2136281
bugzilla.redhat.com/show_bug.cgi?id=2136287
Related
oraclelinux
oraclelinux
podman security, bug fix, and enhancement update
2022-11-24 00:00:00
container-tools:ol8 security, bug fix, and enhancement update
2022-11-22 00:00:00
buildah security and bug fix update
2022-11-22 00:00:00
osv
osv
Low: container-tools:rhel8 security, bug fix, and enhancement update
2022-11-08 00:00:00
Low: podman security, bug fix, and enhancement update
2022-11-15 00:00:00
Low: container-tools:rhel8 security, bug fix, and enhancement update
2022-11-08 10:51:15
redhat
redhat
(RHSA-2022:8431) Low: podman security, bug fix, and enhancement update
2022-11-15 15:35:37
(RHSA-2022:7822) Low: container-tools:rhel8 security, bug fix, and enhancement update
2022-11-08 10:51:15
(RHSA-2022:8008) Moderate: buildah security and bug fix update
2022-11-15 06:13:14
rocky
rocky
container-tools:rhel8 security, bug fix, and enhancement update
2022-11-08 10:51:15
container-tools:rhel8 security, bug fix, and enhancement update
2022-11-08 06:20:07
nessus
nessus
RHEL 8 : container-tools:rhel8 (RHSA-2022:7822)
2022-11-09 00:00:00
CentOS 8 : container-tools:rhel8 (CESA-2022:7822)
2022-11-08 00:00:00
AlmaLinux 9 : podman (ALSA-2022:8431)
2022-11-18 00:00:00
almalinux
almalinux
Low: podman security, bug fix, and enhancement update
2022-11-15 00:00:00
Low: container-tools:rhel8 security, bug fix, and enhancement update
2022-11-08 00:00:00
Moderate: buildah security and bug fix update
2022-11-15 00:00:00
cbl_mariner
cbl_mariner
CVE-2022-2990 affecting package buildah for versions less than 1.18.0-24
2024-04-17 23:32:37
CVE-2022-2990 affecting package buildah 1.18.0-8
2024-07-05 21:08:40
CVE-2022-2990 affecting package buildah for versions less than 1.18.0-17
2023-09-28 11:57:58
github
github
ubuntucve
ubuntucve
CVE-2022-2990
2022-09-13 00:00:00
CVE-2022-2989
2022-09-13 00:00:00
prion
prion
Information disclosure
2022-09-13 14:15:00
Information disclosure
2022-09-13 14:15:00
alpinelinux
alpinelinux
CVE-2022-2990
2022-09-13 14:15:08
CVE-2022-2989
2022-09-13 14:15:08
debiancve
debiancve
CVE-2022-2990
2022-09-13 14:15:08
CVE-2022-2989
2022-09-13 14:15:08
cvelist
cvelist
CVE-2022-2990
2022-09-13 13:44:21
CVE-2022-2989
2022-09-13 13:41:00
redhatcve
redhatcve
CVE-2022-2990
2022-08-25 14:10:09
CVE-2022-2989
2022-08-25 13:40:10
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2023:4099-1)
2023-10-18 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:3820-1)
2022-11-01 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:3819-1)
2022-11-01 00:00:00
nvd
nvd
CVE-2022-2990
2022-09-13 14:15:08
CVE-2022-2989
2022-09-13 14:15:08
cve
cve
CVE-2022-2990
2022-09-13 14:15:08
CVE-2022-2989
2022-09-13 14:15:08
veracode
veracode
Information Disclosure
2022-09-16 06:55:11
Information Disclosure
2022-09-16 06:34:58
suse
suse
Security update for podman (moderate)
2022-10-31 00:00:00
Security update for podman (moderate)
2022-10-31 00:00:00
Security update for buildah (important)
2022-10-26 00:00:00
ubuntu
ubuntu
Podman vulnerability
2023-08-16 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2227
2023-09-05 09:31:53
mageia
mageia
Updated skopeo/buildah/podman packages fix security vulnerability
2023-07-07 08:54:45
gentoo
gentoo
podman: Multiple Vulnerabilities
2024-07-05 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2023-4.0-0429
2023-07-18 00:00:00
7.1 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
7.8 High
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
17.8%
Related for REDHAT-RHSA-2022-8431.NASL