Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2024-0412.NASL
HistoryJan 25, 2024 - 12:00 a.m.

RHEL 8 : kernel (RHSA-2024:0412)

2024-01-2500:00:00
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
14
redhat enterprise linux 8
kernel vulnerabilities
local user
random memory
denial of service
privilege escalation
crash
system
kernel space
use-after-free
race condition
information leak
buffer overflow
cve-2022-0854
cve-2022-1016
cve-2022-1679
cve-2022-20141
cve-2022-3028
cve-2022-30594
cve-2022-3522
cve-2022-3567
cve-2022-3628
cve-2022-40982
cve-2022-41218
cve-2022-4129
cve-2022-41858

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

10 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N

9.6 High

AI Score

Confidence

High

0.024 Low

EPSS

Percentile

90.1%

JSON

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0412 advisory.

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

* kernel: bpf: Incorrect verifier pruning leads to unsafe code paths being incorrectly marked as safe     (CVE-2023-2163)

* kernel: net/sched: multiple vulnerabilities (CVE-2023-3611, CVE-2023-4623)

* kernel: tun: bugs for oversize packet when napi frags enabled in tun_napi_alloc_frags (CVE-2023-3812)

* kernel: use after free in unix_stream_sendpage (CVE-2023-4622)

* kernel: use after free in nvmet_tcp_free_crypto in NVMe (CVE-2023-5178)

* kernel: out-of-bounds write in qfq_change_class function (CVE-2023-31436)

* kernel: netfilter: potential slab-out-of-bound access due to integer underflow (CVE-2023-42753)

* kernel: IGB driver inadequate buffer size for frames larger than MTU (CVE-2023-45871)

* kernel: multiple race condition vulnerabilities (CVE-2022-3028, CVE-2022-3522, CVE-2023-33203,     CVE-2023-35823, CVE-2023-35824, CVE-2022-3567, BZ#2230094)

* kernel: swiotlb information leak with DMA_FROM_DEVICE (CVE-2022-0854)

* kernel: uninitialized registers on stack in nft_do_chain can cause kernel pointer leakage to UM     (CVE-2022-1016)

* kernel: use-after-free in ath9k_htc_probe_device() could cause an escalation of privileges     (CVE-2022-1679)

* kernel: USB-accessible buffer overflow in brcmfmac (CVE-2022-3628)

* kernel: multiple NULL pointer dereference vulnerabilities (CVE-2022-4129, CVE-2022-47929, CVE-2023-0394,     CVE-2023-3772, CVE-2023-4459)

* kernel: igmp: use-after-free in ip_check_mc_rcu when opening and closing inet sockets (CVE-2022-20141)

* kernel: Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option (CVE-2022-30594)

* hw: Intel: Gather Data Sampling (GDS) side channel vulnerability (CVE-2022-40982)

* kernel: Report vmalloc UAF in dvb-core/dmxdev (CVE-2022-41218)

* kernel: null-ptr-deref vulnerabilities in sl_tx_timeout in drivers/net/slip (CVE-2022-41858)

* kernel: memory corruption in usbmon driver (CVE-2022-43750)

* kernel: HID: multiple vulnerabilities (CVE-2023-1073, CVE-2023-1079)

* kernel: use-after-free caused by invalid pointer hostname in fs/cifs/connect.c (CVE-2023-1195)

* kernel: denial of service in tipc_conn_close (CVE-2023-1382)

* kernel: Possible use-after-free since the two fdget() during vhost_net_set_backend() (CVE-2023-1838)

* kernel: Spectre v2 SMT mitigations problem (CVE-2023-1998)

* Kernel: UAF during login when accessing the shost ipaddress (CVE-2023-2162)

* kernel: i2c: out-of-bounds write in xgene_slimpro_i2c_xfer() (CVE-2023-2194)

* kernel: ext4: use-after-free in ext4_xattr_set_entry() (CVE-2023-2513)

* kernel: fbcon: shift-out-of-bounds in fbcon_set_font() (CVE-2023-3161)

* kernel: out-of-bounds access in relay_file_read (CVE-2023-3268)

* kernel: use after free in vcs_read in drivers/tty/vt/vc_screen.c due to race (CVE-2023-3567)

* kernel: Race between task migrating pages and another task calling exit_mmap (CVE-2023-4732)

* kernel: slab-out-of-bounds read vulnerabilities in cbq_classify (CVE-2023-23454)

* kernel: mpls: double free on sysctl allocation failure (CVE-2023-26545)

* kernel: fbcon: out-of-sync arrays in fbcon_mode_deleted due to wrong con2fb_map assignment     (CVE-2023-38409)

* kernel: use-after-free after removing device in wb_inode_writeback_end in mm/page-writeback.c     (CVE-2024-0562)

* kernel: use-after-free in smb2_is_status_io_timeout() (CVE-2023-1192)

* kernel: use-after-free bug in remove function xgene_hwmon_remove (CVE-2023-1855)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

* bpf_jit_limit hit again (BZ#2243013)

* HPE Edgeline 920t resets during kdump context when ice driver is loaded and when system is booted with     intel_iommu=on iommu=pt (BZ#2244627)

* RHEL8.6 - s390/dasd: Use correct lock while counting channel queue length (BZ#2250882)

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2024:0412. The text
# itself is copyright (C) Red Hat, Inc.
##

include('compat.inc');

if (description)
{
  script_id(189549);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/06/19");

  script_cve_id(
    "CVE-2022-0854",
    "CVE-2022-1016",
    "CVE-2022-1679",
    "CVE-2022-3028",
    "CVE-2022-3522",
    "CVE-2022-3567",
    "CVE-2022-3628",
    "CVE-2022-4129",
    "CVE-2022-20141",
    "CVE-2022-30594",
    "CVE-2022-40982",
    "CVE-2022-41218",
    "CVE-2022-41858",
    "CVE-2022-43750",
    "CVE-2022-47929",
    "CVE-2023-0394",
    "CVE-2023-1073",
    "CVE-2023-1079",
    "CVE-2023-1192",
    "CVE-2023-1195",
    "CVE-2023-1382",
    "CVE-2023-1838",
    "CVE-2023-1855",
    "CVE-2023-1998",
    "CVE-2023-2162",
    "CVE-2023-2163",
    "CVE-2023-2194",
    "CVE-2023-2513",
    "CVE-2023-3161",
    "CVE-2023-3268",
    "CVE-2023-3567",
    "CVE-2023-3611",
    "CVE-2023-3772",
    "CVE-2023-3812",
    "CVE-2023-4459",
    "CVE-2023-4622",
    "CVE-2023-4623",
    "CVE-2023-4732",
    "CVE-2023-5178",
    "CVE-2023-23454",
    "CVE-2023-26545",
    "CVE-2023-31436",
    "CVE-2023-33203",
    "CVE-2023-35823",
    "CVE-2023-35824",
    "CVE-2023-38409",
    "CVE-2023-42753",
    "CVE-2023-45871",
    "CVE-2024-0562"
  );
  script_xref(name:"RHSA", value:"2024:0412");

  script_name(english:"RHEL 8 : kernel (RHSA-2024:0412)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Red Hat host is missing one or more security updates for kernel.");
  script_set_attribute(attribute:"description", value:
"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as
referenced in the RHSA-2024:0412 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: bpf: Incorrect verifier pruning leads to unsafe code paths being incorrectly marked as safe
    (CVE-2023-2163)

    * kernel: net/sched: multiple vulnerabilities (CVE-2023-3611, CVE-2023-4623)

    * kernel: tun: bugs for oversize packet when napi frags enabled in tun_napi_alloc_frags (CVE-2023-3812)

    * kernel: use after free in unix_stream_sendpage (CVE-2023-4622)

    * kernel: use after free in nvmet_tcp_free_crypto in NVMe (CVE-2023-5178)

    * kernel: out-of-bounds write in qfq_change_class function (CVE-2023-31436)

    * kernel: netfilter: potential slab-out-of-bound access due to integer underflow (CVE-2023-42753)

    * kernel: IGB driver inadequate buffer size for frames larger than MTU (CVE-2023-45871)

    * kernel: multiple race condition vulnerabilities (CVE-2022-3028, CVE-2022-3522, CVE-2023-33203,
    CVE-2023-35823, CVE-2023-35824, CVE-2022-3567, BZ#2230094)

    * kernel: swiotlb information leak with DMA_FROM_DEVICE (CVE-2022-0854)

    * kernel: uninitialized registers on stack in nft_do_chain can cause kernel pointer leakage to UM
    (CVE-2022-1016)

    * kernel: use-after-free in ath9k_htc_probe_device() could cause an escalation of privileges
    (CVE-2022-1679)

    * kernel: USB-accessible buffer overflow in brcmfmac (CVE-2022-3628)

    * kernel: multiple NULL pointer dereference vulnerabilities (CVE-2022-4129, CVE-2022-47929, CVE-2023-0394,
    CVE-2023-3772, CVE-2023-4459)

    * kernel: igmp: use-after-free in ip_check_mc_rcu when opening and closing inet sockets (CVE-2022-20141)

    * kernel: Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option (CVE-2022-30594)

    * hw: Intel: Gather Data Sampling (GDS) side channel vulnerability (CVE-2022-40982)

    * kernel: Report vmalloc UAF in dvb-core/dmxdev (CVE-2022-41218)

    * kernel: null-ptr-deref vulnerabilities in sl_tx_timeout in drivers/net/slip (CVE-2022-41858)

    * kernel: memory corruption in usbmon driver (CVE-2022-43750)

    * kernel: HID: multiple vulnerabilities (CVE-2023-1073, CVE-2023-1079)

    * kernel: use-after-free caused by invalid pointer hostname in fs/cifs/connect.c (CVE-2023-1195)

    * kernel: denial of service in tipc_conn_close (CVE-2023-1382)

    * kernel: Possible use-after-free since the two fdget() during vhost_net_set_backend() (CVE-2023-1838)

    * kernel: Spectre v2 SMT mitigations problem (CVE-2023-1998)

    * Kernel: UAF during login when accessing the shost ipaddress (CVE-2023-2162)

    * kernel: i2c: out-of-bounds write in xgene_slimpro_i2c_xfer() (CVE-2023-2194)

    * kernel: ext4: use-after-free in ext4_xattr_set_entry() (CVE-2023-2513)

    * kernel: fbcon: shift-out-of-bounds in fbcon_set_font() (CVE-2023-3161)

    * kernel: out-of-bounds access in relay_file_read (CVE-2023-3268)

    * kernel: use after free in vcs_read in drivers/tty/vt/vc_screen.c due to race (CVE-2023-3567)

    * kernel: Race between task migrating pages and another task calling exit_mmap (CVE-2023-4732)

    * kernel: slab-out-of-bounds read vulnerabilities in cbq_classify (CVE-2023-23454)

    * kernel: mpls: double free on sysctl allocation failure (CVE-2023-26545)

    * kernel: fbcon: out-of-sync arrays in fbcon_mode_deleted due to wrong con2fb_map assignment
    (CVE-2023-38409)

    * kernel: use-after-free after removing device in wb_inode_writeback_end in mm/page-writeback.c
    (CVE-2024-0562)

    * kernel: use-after-free in smb2_is_status_io_timeout() (CVE-2023-1192)

    * kernel: use-after-free bug in remove function xgene_hwmon_remove (CVE-2023-1855)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and
    other related information, refer to the CVE page(s) listed in the References section.

    Bug Fix(es):

    * bpf_jit_limit hit again (BZ#2243013)

    * HPE Edgeline 920t resets during kdump context when ice driver is loaded and when system is booted with
    intel_iommu=on iommu=pt (BZ#2244627)

    * RHEL8.6 - s390/dasd: Use correct lock while counting channel queue length (BZ#2250882)

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  # https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_0412.json
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?163ecdbb");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/updates/classification/#important");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/solutions/7027704");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2058395");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2066614");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2084125");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2085300");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2087568");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2114937");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2122228");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2122960");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2134528");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2143943");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2144379");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2150960");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2150979");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2151270");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2154171");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2154178");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2162120");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2168246");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2168297");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2173403");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2173444");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2177371");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2182443");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2184578");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2187257");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2187773");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2188396");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2192667");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2192671");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2193097");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2213485");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2215502");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2215835");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2215836");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2218943");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2219268");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2221463");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2223949");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2224048");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2225191");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2230042");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2230094");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2236982");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2237757");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2237760");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2239843");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2240249");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2241924");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2244723");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2258475");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2024:0412");
  script_set_attribute(attribute:"solution", value:
"Update the RHEL kernel package based on the guidance in RHSA-2024:0412.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-1679");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2023-5178");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_cwe_id(120, 125, 129, 200, 276, 362, 366, 401, 415, 416, 421, 476, 667, 682, 787, 909, 1335);
  script_set_attribute(attribute:"vendor_severity", value:"Important");

  script_set_attribute(attribute:"vuln_publication_date", value:"2021/09/30");
  script_set_attribute(attribute:"patch_publication_date", value:"2024/01/25");
  script_set_attribute(attribute:"plugin_publication_date", value:"2024/01/25");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:8");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:rhel_eus:8.6");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bpftool");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-core");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-cross-headers");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debug");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debug-core");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debug-modules");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debug-modules-extra");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-modules");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-modules-extra");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-core");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-modules");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-modules-extra");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:perf");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python3-perf");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Red Hat Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl", "redhat_repos.nasl", "linux_alt_patch_detect.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include('rpm.inc');
include('rhel.inc');
include('ksplice.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/RedHat/release');
if (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');
var os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');
os_ver = os_ver[1];
if (!rhel_check_release_list(operator: 'ge', os_version: os_ver, rhel_versions: ['8','8.6'])) audit(AUDIT_OS_NOT, 'Red Hat 8.x / 8.x', 'Red Hat ' + os_ver);

if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);

if (get_one_kb_item('Host/ksplice/kernel-cves'))
{
  rm_kb_item(name:'Host/uptrack-uname-r');
  var cve_list = make_list('CVE-2022-0854', 'CVE-2022-1016', 'CVE-2022-1679', 'CVE-2022-3028', 'CVE-2022-3522', 'CVE-2022-3567', 'CVE-2022-3628', 'CVE-2022-4129', 'CVE-2022-20141', 'CVE-2022-30594', 'CVE-2022-40982', 'CVE-2022-41218', 'CVE-2022-41858', 'CVE-2022-43750', 'CVE-2022-47929', 'CVE-2023-0394', 'CVE-2023-1073', 'CVE-2023-1079', 'CVE-2023-1192', 'CVE-2023-1195', 'CVE-2023-1382', 'CVE-2023-1838', 'CVE-2023-1855', 'CVE-2023-1998', 'CVE-2023-2162', 'CVE-2023-2163', 'CVE-2023-2194', 'CVE-2023-2513', 'CVE-2023-3161', 'CVE-2023-3268', 'CVE-2023-3567', 'CVE-2023-3611', 'CVE-2023-3772', 'CVE-2023-3812', 'CVE-2023-4459', 'CVE-2023-4622', 'CVE-2023-4623', 'CVE-2023-4732', 'CVE-2023-5178', 'CVE-2023-23454', 'CVE-2023-26545', 'CVE-2023-31436', 'CVE-2023-33203', 'CVE-2023-35823', 'CVE-2023-35824', 'CVE-2023-38409', 'CVE-2023-42753', 'CVE-2023-45871', 'CVE-2024-0562');
  if (ksplice_cves_check(cve_list))
  {
    audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for RHSA-2024:0412');
  }
  else
  {
    __rpm_report = ksplice_reporting_text();
  }
}

var constraints = [
  {
    'repo_relative_urls': [
      'content/aus/rhel8/8.6/x86_64/baseos/debug',
      'content/aus/rhel8/8.6/x86_64/baseos/os',
      'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',
      'content/e4s/rhel8/8.6/ppc64le/baseos/debug',
      'content/e4s/rhel8/8.6/ppc64le/baseos/os',
      'content/e4s/rhel8/8.6/ppc64le/baseos/source/SRPMS',
      'content/e4s/rhel8/8.6/x86_64/baseos/debug',
      'content/e4s/rhel8/8.6/x86_64/baseos/os',
      'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',
      'content/eus/rhel8/8.6/aarch64/baseos/debug',
      'content/eus/rhel8/8.6/aarch64/baseos/os',
      'content/eus/rhel8/8.6/aarch64/baseos/source/SRPMS',
      'content/eus/rhel8/8.6/aarch64/codeready-builder/debug',
      'content/eus/rhel8/8.6/aarch64/codeready-builder/os',
      'content/eus/rhel8/8.6/aarch64/codeready-builder/source/SRPMS',
      'content/eus/rhel8/8.6/ppc64le/baseos/debug',
      'content/eus/rhel8/8.6/ppc64le/baseos/os',
      'content/eus/rhel8/8.6/ppc64le/baseos/source/SRPMS',
      'content/eus/rhel8/8.6/ppc64le/codeready-builder/debug',
      'content/eus/rhel8/8.6/ppc64le/codeready-builder/os',
      'content/eus/rhel8/8.6/ppc64le/codeready-builder/source/SRPMS',
      'content/eus/rhel8/8.6/s390x/baseos/debug',
      'content/eus/rhel8/8.6/s390x/baseos/os',
      'content/eus/rhel8/8.6/s390x/baseos/source/SRPMS',
      'content/eus/rhel8/8.6/s390x/codeready-builder/debug',
      'content/eus/rhel8/8.6/s390x/codeready-builder/os',
      'content/eus/rhel8/8.6/s390x/codeready-builder/source/SRPMS',
      'content/eus/rhel8/8.6/x86_64/baseos/debug',
      'content/eus/rhel8/8.6/x86_64/baseos/os',
      'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',
      'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',
      'content/eus/rhel8/8.6/x86_64/codeready-builder/os',
      'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',
      'content/tus/rhel8/8.6/x86_64/baseos/debug',
      'content/tus/rhel8/8.6/x86_64/baseos/os',
      'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS'
    ],
    'pkgs': [
      {'reference':'bpftool-4.18.0-372.87.1.el8_6', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-4.18.0-372.87.1.el8_6', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-core-4.18.0-372.87.1.el8_6', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-cross-headers-4.18.0-372.87.1.el8_6', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-debug-4.18.0-372.87.1.el8_6', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-debug-core-4.18.0-372.87.1.el8_6', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-debug-devel-4.18.0-372.87.1.el8_6', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-debug-modules-4.18.0-372.87.1.el8_6', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-debug-modules-extra-4.18.0-372.87.1.el8_6', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-devel-4.18.0-372.87.1.el8_6', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-modules-4.18.0-372.87.1.el8_6', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-modules-extra-4.18.0-372.87.1.el8_6', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-tools-4.18.0-372.87.1.el8_6', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-tools-libs-4.18.0-372.87.1.el8_6', 'sp':'6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-tools-libs-4.18.0-372.87.1.el8_6', 'sp':'6', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-tools-libs-4.18.0-372.87.1.el8_6', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-tools-libs-devel-4.18.0-372.87.1.el8_6', 'sp':'6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-tools-libs-devel-4.18.0-372.87.1.el8_6', 'sp':'6', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-tools-libs-devel-4.18.0-372.87.1.el8_6', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-zfcpdump-4.18.0-372.87.1.el8_6', 'sp':'6', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-zfcpdump-core-4.18.0-372.87.1.el8_6', 'sp':'6', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-zfcpdump-devel-4.18.0-372.87.1.el8_6', 'sp':'6', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-zfcpdump-modules-4.18.0-372.87.1.el8_6', 'sp':'6', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-zfcpdump-modules-extra-4.18.0-372.87.1.el8_6', 'sp':'6', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'perf-4.18.0-372.87.1.el8_6', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python3-perf-4.18.0-372.87.1.el8_6', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE}
    ]
  },
  {
    'repo_relative_urls': [
      'content/dist/layered/rhel8/ppc64le/rhv-mgmt-agent/4/debug',
      'content/dist/layered/rhel8/ppc64le/rhv-mgmt-agent/4/os',
      'content/dist/layered/rhel8/ppc64le/rhv-mgmt-agent/4/source/SRPMS',
      'content/dist/layered/rhel8/ppc64le/rhv-tools/4/debug',
      'content/dist/layered/rhel8/ppc64le/rhv-tools/4/os',
      'content/dist/layered/rhel8/ppc64le/rhv-tools/4/source/SRPMS',
      'content/dist/layered/rhel8/x86_64/rhv-mgmt-agent/4/debug',
      'content/dist/layered/rhel8/x86_64/rhv-mgmt-agent/4/os',
      'content/dist/layered/rhel8/x86_64/rhv-mgmt-agent/4/source/SRPMS',
      'content/dist/layered/rhel8/x86_64/rhv-tools/4/debug',
      'content/dist/layered/rhel8/x86_64/rhv-tools/4/os',
      'content/dist/layered/rhel8/x86_64/rhv-tools/4/source/SRPMS',
      'content/dist/layered/rhel8/x86_64/rhvh-build/4/debug',
      'content/dist/layered/rhel8/x86_64/rhvh-build/4/os',
      'content/dist/layered/rhel8/x86_64/rhvh-build/4/source/SRPMS',
      'content/dist/layered/rhel8/x86_64/rhvh/4/debug',
      'content/dist/layered/rhel8/x86_64/rhvh/4/os',
      'content/dist/layered/rhel8/x86_64/rhvh/4/source/SRPMS'
    ],
    'pkgs': [
      {'reference':'bpftool-4.18.0-372.87.1.el8_6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-4.18.0-372.87.1.el8_6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-core-4.18.0-372.87.1.el8_6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-cross-headers-4.18.0-372.87.1.el8_6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-debug-4.18.0-372.87.1.el8_6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-debug-core-4.18.0-372.87.1.el8_6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-debug-devel-4.18.0-372.87.1.el8_6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-debug-modules-4.18.0-372.87.1.el8_6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-debug-modules-extra-4.18.0-372.87.1.el8_6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-devel-4.18.0-372.87.1.el8_6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-modules-4.18.0-372.87.1.el8_6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-modules-extra-4.18.0-372.87.1.el8_6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-tools-4.18.0-372.87.1.el8_6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-tools-libs-4.18.0-372.87.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-tools-libs-4.18.0-372.87.1.el8_6', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-tools-libs-4.18.0-372.87.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-tools-libs-devel-4.18.0-372.87.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-tools-libs-devel-4.18.0-372.87.1.el8_6', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-tools-libs-devel-4.18.0-372.87.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-zfcpdump-4.18.0-372.87.1.el8_6', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-zfcpdump-core-4.18.0-372.87.1.el8_6', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-zfcpdump-devel-4.18.0-372.87.1.el8_6', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-zfcpdump-modules-4.18.0-372.87.1.el8_6', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'kernel-zfcpdump-modules-extra-4.18.0-372.87.1.el8_6', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'perf-4.18.0-372.87.1.el8_6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'python3-perf-4.18.0-372.87.1.el8_6', 'release':'8', 'rpm_spec_vers_cmp':TRUE}
    ]
  }
];

var applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);
if(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);

var flag = 0;
foreach var constraint_array ( constraints ) {
  var repo_relative_urls = NULL;
  if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];
  foreach var pkg ( constraint_array['pkgs'] ) {
    var reference = NULL;
    var _release = NULL;
    var sp = NULL;
    var _cpu = NULL;
    var el_string = NULL;
    var rpm_spec_vers_cmp = NULL;
    var epoch = NULL;
    var allowmaj = NULL;
    var exists_check = NULL;
    var cves = NULL;
    if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
    if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];
    if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
    if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
    if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
    if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
    if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
    if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
    if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
    if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
    if (reference &&
        _release &&
        rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&
        (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&
        rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}

if (flag)
{
  var extra = NULL;
  if (isnull(applicable_repo_urls) || !applicable_repo_urls) extra = rpm_report_get() + redhat_report_repo_caveat();
  else extra = rpm_report_get();
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : extra
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bpftool / kernel / kernel-core / kernel-cross-headers / etc');
}
VendorProductVersionCPE
redhatenterprise_linuxkernel-debug-corep-cpe:/a:redhat:enterprise_linux:kernel-debug-core
redhatenterprise_linuxkernel-tools-libs-develp-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel
redhatenterprise_linuxkernel-debug-develp-cpe:/a:redhat:enterprise_linux:kernel-debug-devel
redhatenterprise_linuxkernel-corep-cpe:/a:redhat:enterprise_linux:kernel-core
redhatenterprise_linuxkernel-cross-headersp-cpe:/a:redhat:enterprise_linux:kernel-cross-headers
redhatenterprise_linuxkernel-tools-libsp-cpe:/a:redhat:enterprise_linux:kernel-tools-libs
redhatenterprise_linuxperfp-cpe:/a:redhat:enterprise_linux:perf
redhatenterprise_linuxbpftoolp-cpe:/a:redhat:enterprise_linux:bpftool
redhatenterprise_linuxkernel-toolsp-cpe:/a:redhat:enterprise_linux:kernel-tools
redhatenterprise_linuxkernel-zfcpdumpp-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump
Rows per page:
1-10 of 241

References

Related

redhat 32
nessus 88
oraclelinux 8
ibm 7
amazon 8
openvas 15
photon 2
osv 18
ubuntu 9
rocky 4
virtuozzo 2
almalinux 5
ubuntucve 1
redhat
redhat
(RHSA-2024:0412) Important: kernel security and bug fix update
2024-01-24 14:40:22
(RHSA-2024:0198) Important: OpenShift Container Platform 4.12.47 security update
2024-01-17 17:26:25
(RHSA-2024:0378) Important: kpatch-patch security update
2024-01-23 17:16:18
nessus
nessus
RHEL 8 : kernel (RHSA-2024:0562)
2024-01-30 00:00:00
RHEL 8 : kernel-rt (RHSA-2024:0563)
2024-01-30 00:00:00
RHEL 8 : kpatch-patch (RHSA-2024:0378)
2024-01-25 00:00:00
oraclelinux
oraclelinux
kernel security update
2024-01-11 00:00:00
Unbreakable Enterprise kernel security update
2023-03-16 00:00:00
kernel security update
2024-01-26 00:00:00
ibm
ibm
Security Bulletin: Multiple Linux Kernel vulnerabilities affects IBM Storage Scale System.
2024-05-03 09:04:24
Security Bulletin: Multiple Linux Kernel vulnerabilities may affect IBM Storage Scale System
2024-04-04 11:02:32
Security Bulletin: Vulnerabilities in Linux Kernel and Apache Axis can affect IBM Storage Protect Plus
2024-01-31 12:00:02
amazon
amazon
Important: kernel
2023-04-27 16:19:00
Important: kernel
2023-04-27 18:37:00
Medium: kernel
2023-05-11 17:49:00
openvas
openvas
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-1320)
2023-02-09 00:00:00
Ubuntu: Security Advisory (USN-6057-1)
2023-05-08 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-1526)
2023-03-20 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2023-3.0-0656
2023-09-27 00:00:00
Important Photon OS Security Update - PHSA-2023-3.0-0585
2023-05-24 00:00:00
osv
osv
Important: kernel security and bug fix update
2023-12-06 23:16:24
Important: kernel security and bug fix update
2023-12-06 23:18:20
Important: kernel-rt security update
2023-12-06 23:16:07
ubuntu
ubuntu
Linux kernel (Intel IoTG) vulnerabilities
2023-05-05 00:00:00
Linux kernel (OEM) vulnerabilities
2023-10-04 00:00:00
Linux kernel (HWE) vulnerabilities
2023-04-25 00:00:00
rocky
rocky
kernel security and bug fix update
2023-12-06 23:18:20
kernel-rt security update
2023-12-06 23:16:07
kernel security and bug fix update
2023-12-06 23:16:24
virtuozzo
virtuozzo
[Important] [Security] Virtuozzo ReadyKernel Patch 156.4 for Virtuozzo Hybrid Server 7.5
2023-05-23 00:00:00
[Important] [Security] Virtuozzo ReadyKernel Patch 159.0 for Virtuozzo Hybrid Server 7.5
2023-08-21 00:00:00
almalinux
almalinux
Important: kernel security and bug fix update
2023-11-28 00:00:00
Important: kernel security update
2024-01-10 00:00:00
Important: kernel security, bug fix, and enhancement update
2023-05-16 00:00:00
ubuntucve
ubuntucve
CVE-2023-3611
2023-07-21 00:00:00

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

10 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N

9.6 High

AI Score

Confidence

High

0.024 Low

EPSS

Percentile

90.1%

JSON
Related for REDHAT-RHSA-2024-0412.NASL
redhat32nessus88oraclelinux8ibm7amazon8openvas15photon2osv18ubuntu9rocky4virtuozzo2almalinux5ubuntucve1