Lucene search
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2024-2004.NASLHistoryApr 24, 2024 - 12:00 a.m.
RHEL 7 : kernel (RHSA-2024:2004)
2024-04-2400:00:00
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
48
rhel 7
kernel
vulnerabilities
race condition
bluetooth
unauthorized management command
use after free
net/sched
uaf
irdma
improper access control
nessus
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.1 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
32.6%
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2004 advisory.
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security fixes:
* kernel: use after free in unix_stream_sendpage (CVE-2023-4622)
* Kernel: bluetooth: Unauthorized management command execution (CVE-2023-2002)
* kernel: irdma: Improper access control (CVE-2023-25775)
* kernel: net/sched: sch_hfsc UAF (CVE-2023-4623)
* kernel: race condition in VT_RESIZEX ioctl when vc_cons[i].d is already NULL leading to NULL pointer dereference (CVE-2020-36558)
This update also fixes the following bugs:
* NFS client closes active connection (RHEL-22193)
* kernel panic at __list_del_entry from smb2_reconnect_server (RHEL-26301)
* kernel: race condition when call to VT_RESIZEX ioctl and vc_cons[i].d is already NULL, causing a NULL pointer dereference. (RHEL-28639)
* kernel: net/sched: sch_hfsc UAF (RHEL-16458)
* kernel: irdma: Improper access control (RHEL-6299)
* The message in RHEL 7 ?stack-protector: Kernel stack is corrupted in:? is triggered because perf_trace_buf_prepare() does not verify that per_cpu array perf_trace_buf has allocated per_cpu buffers in it. (RHEL-18052)
* [rhel7] gfs2: Invalid metadata access in punch_hole (RHEL-28785)
* UDP packets dropped due to SELinux denial (RHEL-27751)
* Boot fails with kernel panic at acpi_device_hid+0x6 (RHEL-8721)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the applicationās self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2024:2004. The text
# itself is copyright (C) Red Hat, Inc.
##
include('compat.inc');
if (description)
{
script_id(193779);
script_version("1.1");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/06/04");
script_cve_id(
"CVE-2020-36558",
"CVE-2023-2002",
"CVE-2023-4622",
"CVE-2023-4623",
"CVE-2023-25775"
);
script_xref(name:"RHSA", value:"2024:2004");
script_name(english:"RHEL 7 : kernel (RHSA-2024:2004)");
script_set_attribute(attribute:"synopsis", value:
"The remote Red Hat host is missing one or more security updates for kernel.");
script_set_attribute(attribute:"description", value:
"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as
referenced in the RHSA-2024:2004 advisory.
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security fixes:
* kernel: use after free in unix_stream_sendpage (CVE-2023-4622)
* Kernel: bluetooth: Unauthorized management command execution (CVE-2023-2002)
* kernel: irdma: Improper access control (CVE-2023-25775)
* kernel: net/sched: sch_hfsc UAF (CVE-2023-4623)
* kernel: race condition in VT_RESIZEX ioctl when vc_cons[i].d is already NULL leading to NULL pointer
dereference (CVE-2020-36558)
This update also fixes the following bugs:
* NFS client closes active connection (RHEL-22193)
* kernel panic at __list_del_entry from smb2_reconnect_server (RHEL-26301)
* kernel: race condition when call to VT_RESIZEX ioctl and vc_cons[i].d is already NULL, causing a NULL
pointer dereference. (RHEL-28639)
* kernel: net/sched: sch_hfsc UAF (RHEL-16458)
* kernel: irdma: Improper access control (RHEL-6299)
* The message in RHEL 7 ?stack-protector: Kernel stack is corrupted in:? is triggered because
perf_trace_buf_prepare() does not verify that per_cpu array perf_trace_buf has allocated per_cpu buffers
in it. (RHEL-18052)
* [rhel7] gfs2: Invalid metadata access in punch_hole (RHEL-28785)
* UDP packets dropped due to SELinux denial (RHEL-27751)
* Boot fails with kernel panic at acpi_device_hid+0x6 (RHEL-8721)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and
other related information, refer to the CVE page(s) listed in the References section.
Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/updates/classification/#important");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2112693");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2187308");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2231410");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2237757");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2237760");
# https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_2004.json
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?2fa1aa22");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2024:2004");
script_set_attribute(attribute:"solution", value:
"Update the RHEL kernel package based on the guidance in RHSA-2024:2004.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-25775");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_cwe_id(250, 284, 416, 476);
script_set_attribute(attribute:"vendor_severity", value:"Important");
script_set_attribute(attribute:"vuln_publication_date", value:"2022/07/21");
script_set_attribute(attribute:"patch_publication_date", value:"2024/04/23");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/04/24");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bpftool");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-bootwrapper");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debug");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-kdump");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-tools");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:perf");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-perf");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Red Hat Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl", "redhat_repos.nasl", "linux_alt_patch_detect.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
exit(0);
}
include('rpm.inc');
include('rhel.inc');
include('ksplice.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/RedHat/release');
if (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');
var os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');
os_ver = os_ver[1];
if (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);
if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);
if (get_one_kb_item('Host/ksplice/kernel-cves'))
{
rm_kb_item(name:'Host/uptrack-uname-r');
var cve_list = make_list('CVE-2020-36558', 'CVE-2023-2002', 'CVE-2023-4622', 'CVE-2023-4623', 'CVE-2023-25775');
if (ksplice_cves_check(cve_list))
{
audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for RHSA-2024:2004');
}
else
{
__rpm_report = ksplice_reporting_text();
}
}
var constraints = [
{
'repo_relative_urls': [
'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/debug',
'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/debug',
'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/os',
'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/source/SRPMS',
'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/os',
'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/source/SRPMS',
'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/debug',
'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/debug',
'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/os',
'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/source/SRPMS',
'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/os',
'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/source/SRPMS',
'content/dist/rhel/client/7/7.9/x86_64/debug',
'content/dist/rhel/client/7/7.9/x86_64/optional/debug',
'content/dist/rhel/client/7/7.9/x86_64/optional/os',
'content/dist/rhel/client/7/7.9/x86_64/optional/source/SRPMS',
'content/dist/rhel/client/7/7.9/x86_64/os',
'content/dist/rhel/client/7/7.9/x86_64/source/SRPMS',
'content/dist/rhel/client/7/7Client/x86_64/debug',
'content/dist/rhel/client/7/7Client/x86_64/optional/debug',
'content/dist/rhel/client/7/7Client/x86_64/optional/os',
'content/dist/rhel/client/7/7Client/x86_64/optional/source/SRPMS',
'content/dist/rhel/client/7/7Client/x86_64/os',
'content/dist/rhel/client/7/7Client/x86_64/source/SRPMS',
'content/dist/rhel/computenode/7/7.9/x86_64/optional/debug',
'content/dist/rhel/computenode/7/7.9/x86_64/optional/os',
'content/dist/rhel/computenode/7/7.9/x86_64/optional/source/SRPMS',
'content/dist/rhel/computenode/7/7ComputeNode/x86_64/debug',
'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/debug',
'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/os',
'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/source/SRPMS',
'content/dist/rhel/computenode/7/7ComputeNode/x86_64/os',
'content/dist/rhel/computenode/7/7ComputeNode/x86_64/source/SRPMS',
'content/dist/rhel/power-le/7/7.9/ppc64le/debug',
'content/dist/rhel/power-le/7/7.9/ppc64le/highavailability/debug',
'content/dist/rhel/power-le/7/7.9/ppc64le/highavailability/os',
'content/dist/rhel/power-le/7/7.9/ppc64le/highavailability/source/SRPMS',
'content/dist/rhel/power-le/7/7.9/ppc64le/optional/debug',
'content/dist/rhel/power-le/7/7.9/ppc64le/optional/os',
'content/dist/rhel/power-le/7/7.9/ppc64le/optional/source/SRPMS',
'content/dist/rhel/power-le/7/7.9/ppc64le/os',
'content/dist/rhel/power-le/7/7.9/ppc64le/resilientstorage/debug',
'content/dist/rhel/power-le/7/7.9/ppc64le/resilientstorage/os',
'content/dist/rhel/power-le/7/7.9/ppc64le/resilientstorage/source/SRPMS',
'content/dist/rhel/power-le/7/7.9/ppc64le/source/SRPMS',
'content/dist/rhel/power-le/7/7Server/ppc64le/debug',
'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/debug',
'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/os',
'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/source/SRPMS',
'content/dist/rhel/power-le/7/7Server/ppc64le/optional/debug',
'content/dist/rhel/power-le/7/7Server/ppc64le/optional/os',
'content/dist/rhel/power-le/7/7Server/ppc64le/optional/source/SRPMS',
'content/dist/rhel/power-le/7/7Server/ppc64le/os',
'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/debug',
'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/os',
'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/source/SRPMS',
'content/dist/rhel/power-le/7/7Server/ppc64le/source/SRPMS',
'content/dist/rhel/power/7/7.9/ppc64/debug',
'content/dist/rhel/power/7/7.9/ppc64/optional/debug',
'content/dist/rhel/power/7/7.9/ppc64/optional/os',
'content/dist/rhel/power/7/7.9/ppc64/optional/source/SRPMS',
'content/dist/rhel/power/7/7.9/ppc64/os',
'content/dist/rhel/power/7/7.9/ppc64/source/SRPMS',
'content/dist/rhel/power/7/7Server/ppc64/debug',
'content/dist/rhel/power/7/7Server/ppc64/optional/debug',
'content/dist/rhel/power/7/7Server/ppc64/optional/os',
'content/dist/rhel/power/7/7Server/ppc64/optional/source/SRPMS',
'content/dist/rhel/power/7/7Server/ppc64/os',
'content/dist/rhel/power/7/7Server/ppc64/source/SRPMS',
'content/dist/rhel/server/7/7.9/x86_64/debug',
'content/dist/rhel/server/7/7.9/x86_64/highavailability/debug',
'content/dist/rhel/server/7/7.9/x86_64/highavailability/os',
'content/dist/rhel/server/7/7.9/x86_64/highavailability/source/SRPMS',
'content/dist/rhel/server/7/7.9/x86_64/optional/debug',
'content/dist/rhel/server/7/7.9/x86_64/optional/os',
'content/dist/rhel/server/7/7.9/x86_64/optional/source/SRPMS',
'content/dist/rhel/server/7/7.9/x86_64/os',
'content/dist/rhel/server/7/7.9/x86_64/resilientstorage/debug',
'content/dist/rhel/server/7/7.9/x86_64/resilientstorage/os',
'content/dist/rhel/server/7/7.9/x86_64/resilientstorage/source/SRPMS',
'content/dist/rhel/server/7/7.9/x86_64/source/SRPMS',
'content/dist/rhel/server/7/7Server/x86_64/debug',
'content/dist/rhel/server/7/7Server/x86_64/highavailability/debug',
'content/dist/rhel/server/7/7Server/x86_64/highavailability/os',
'content/dist/rhel/server/7/7Server/x86_64/highavailability/source/SRPMS',
'content/dist/rhel/server/7/7Server/x86_64/optional/debug',
'content/dist/rhel/server/7/7Server/x86_64/optional/os',
'content/dist/rhel/server/7/7Server/x86_64/optional/source/SRPMS',
'content/dist/rhel/server/7/7Server/x86_64/os',
'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/debug',
'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/os',
'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/source/SRPMS',
'content/dist/rhel/server/7/7Server/x86_64/source/SRPMS',
'content/dist/rhel/system-z/7/7.9/s390x/debug',
'content/dist/rhel/system-z/7/7.9/s390x/highavailability/debug',
'content/dist/rhel/system-z/7/7.9/s390x/highavailability/os',
'content/dist/rhel/system-z/7/7.9/s390x/highavailability/source/SRPMS',
'content/dist/rhel/system-z/7/7.9/s390x/optional/debug',
'content/dist/rhel/system-z/7/7.9/s390x/optional/os',
'content/dist/rhel/system-z/7/7.9/s390x/optional/source/SRPMS',
'content/dist/rhel/system-z/7/7.9/s390x/os',
'content/dist/rhel/system-z/7/7.9/s390x/resilientstorage/debug',
'content/dist/rhel/system-z/7/7.9/s390x/resilientstorage/os',
'content/dist/rhel/system-z/7/7.9/s390x/resilientstorage/source/SRPMS',
'content/dist/rhel/system-z/7/7.9/s390x/source/SRPMS',
'content/dist/rhel/system-z/7/7Server/s390x/debug',
'content/dist/rhel/system-z/7/7Server/s390x/highavailability/debug',
'content/dist/rhel/system-z/7/7Server/s390x/highavailability/os',
'content/dist/rhel/system-z/7/7Server/s390x/highavailability/source/SRPMS',
'content/dist/rhel/system-z/7/7Server/s390x/optional/debug',
'content/dist/rhel/system-z/7/7Server/s390x/optional/os',
'content/dist/rhel/system-z/7/7Server/s390x/optional/source/SRPMS',
'content/dist/rhel/system-z/7/7Server/s390x/os',
'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/debug',
'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/os',
'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/source/SRPMS',
'content/dist/rhel/system-z/7/7Server/s390x/source/SRPMS',
'content/dist/rhel/workstation/7/7.9/x86_64/debug',
'content/dist/rhel/workstation/7/7.9/x86_64/optional/debug',
'content/dist/rhel/workstation/7/7.9/x86_64/optional/os',
'content/dist/rhel/workstation/7/7.9/x86_64/optional/source/SRPMS',
'content/dist/rhel/workstation/7/7.9/x86_64/os',
'content/dist/rhel/workstation/7/7.9/x86_64/source/SRPMS',
'content/dist/rhel/workstation/7/7Workstation/x86_64/debug',
'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/debug',
'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/os',
'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/source/SRPMS',
'content/dist/rhel/workstation/7/7Workstation/x86_64/os',
'content/dist/rhel/workstation/7/7Workstation/x86_64/source/SRPMS',
'content/fastrack/rhel/client/7/x86_64/debug',
'content/fastrack/rhel/client/7/x86_64/optional/debug',
'content/fastrack/rhel/client/7/x86_64/optional/os',
'content/fastrack/rhel/client/7/x86_64/optional/source/SRPMS',
'content/fastrack/rhel/client/7/x86_64/os',
'content/fastrack/rhel/client/7/x86_64/source/SRPMS',
'content/fastrack/rhel/computenode/7/x86_64/debug',
'content/fastrack/rhel/computenode/7/x86_64/optional/debug',
'content/fastrack/rhel/computenode/7/x86_64/optional/os',
'content/fastrack/rhel/computenode/7/x86_64/optional/source/SRPMS',
'content/fastrack/rhel/computenode/7/x86_64/os',
'content/fastrack/rhel/computenode/7/x86_64/source/SRPMS',
'content/fastrack/rhel/power/7/ppc64/debug',
'content/fastrack/rhel/power/7/ppc64/optional/debug',
'content/fastrack/rhel/power/7/ppc64/optional/os',
'content/fastrack/rhel/power/7/ppc64/optional/source/SRPMS',
'content/fastrack/rhel/power/7/ppc64/os',
'content/fastrack/rhel/power/7/ppc64/source/SRPMS',
'content/fastrack/rhel/server/7/x86_64/debug',
'content/fastrack/rhel/server/7/x86_64/highavailability/debug',
'content/fastrack/rhel/server/7/x86_64/highavailability/os',
'content/fastrack/rhel/server/7/x86_64/highavailability/source/SRPMS',
'content/fastrack/rhel/server/7/x86_64/optional/debug',
'content/fastrack/rhel/server/7/x86_64/optional/os',
'content/fastrack/rhel/server/7/x86_64/optional/source/SRPMS',
'content/fastrack/rhel/server/7/x86_64/os',
'content/fastrack/rhel/server/7/x86_64/resilientstorage/debug',
'content/fastrack/rhel/server/7/x86_64/resilientstorage/os',
'content/fastrack/rhel/server/7/x86_64/resilientstorage/source/SRPMS',
'content/fastrack/rhel/server/7/x86_64/source/SRPMS',
'content/fastrack/rhel/system-z/7/s390x/debug',
'content/fastrack/rhel/system-z/7/s390x/optional/debug',
'content/fastrack/rhel/system-z/7/s390x/optional/os',
'content/fastrack/rhel/system-z/7/s390x/optional/source/SRPMS',
'content/fastrack/rhel/system-z/7/s390x/os',
'content/fastrack/rhel/system-z/7/s390x/source/SRPMS',
'content/fastrack/rhel/workstation/7/x86_64/debug',
'content/fastrack/rhel/workstation/7/x86_64/optional/debug',
'content/fastrack/rhel/workstation/7/x86_64/optional/os',
'content/fastrack/rhel/workstation/7/x86_64/optional/source/SRPMS',
'content/fastrack/rhel/workstation/7/x86_64/os',
'content/fastrack/rhel/workstation/7/x86_64/source/SRPMS'
],
'pkgs': [
{'reference':'bpftool-3.10.0-1160.118.1.el7', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'bpftool-3.10.0-1160.118.1.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'bpftool-3.10.0-1160.118.1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'bpftool-3.10.0-1160.118.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-3.10.0-1160.118.1.el7', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-3.10.0-1160.118.1.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-3.10.0-1160.118.1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-3.10.0-1160.118.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-bootwrapper-3.10.0-1160.118.1.el7', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-bootwrapper-3.10.0-1160.118.1.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-3.10.0-1160.118.1.el7', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-3.10.0-1160.118.1.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-3.10.0-1160.118.1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-3.10.0-1160.118.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-devel-3.10.0-1160.118.1.el7', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-devel-3.10.0-1160.118.1.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-devel-3.10.0-1160.118.1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-devel-3.10.0-1160.118.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-devel-3.10.0-1160.118.1.el7', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-devel-3.10.0-1160.118.1.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-devel-3.10.0-1160.118.1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-devel-3.10.0-1160.118.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-kdump-3.10.0-1160.118.1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-kdump-devel-3.10.0-1160.118.1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-3.10.0-1160.118.1.el7', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-3.10.0-1160.118.1.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-3.10.0-1160.118.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-libs-3.10.0-1160.118.1.el7', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-libs-3.10.0-1160.118.1.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-libs-3.10.0-1160.118.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-libs-devel-3.10.0-1160.118.1.el7', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-libs-devel-3.10.0-1160.118.1.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-libs-devel-3.10.0-1160.118.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'perf-3.10.0-1160.118.1.el7', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'perf-3.10.0-1160.118.1.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'perf-3.10.0-1160.118.1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'perf-3.10.0-1160.118.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python-perf-3.10.0-1160.118.1.el7', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python-perf-3.10.0-1160.118.1.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python-perf-3.10.0-1160.118.1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python-perf-3.10.0-1160.118.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}
]
}
];
var applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);
if(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);
var flag = 0;
foreach var constraint_array ( constraints ) {
var repo_relative_urls = NULL;
if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];
foreach var pkg ( constraint_array['pkgs'] ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
var exists_check = NULL;
var cves = NULL;
if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];
if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
if (reference &&
_release &&
rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&
(applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&
rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
}
}
if (flag)
{
var extra = NULL;
if (isnull(applicable_repo_urls) || !applicable_repo_urls) extra = rpm_report_get() + redhat_report_repo_caveat();
else extra = rpm_report_get();
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : extra
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bpftool / kernel / kernel-bootwrapper / kernel-debug / etc');
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| redhat | enterprise_linux | bpftool | p-cpe:/a:redhat:enterprise_linux:bpftool |
| redhat | enterprise_linux | kernel-tools | p-cpe:/a:redhat:enterprise_linux:kernel-tools |
| redhat | enterprise_linux | 7 | cpe:/o:redhat:enterprise_linux:7 |
| redhat | enterprise_linux | kernel-devel | p-cpe:/a:redhat:enterprise_linux:kernel-devel |
| redhat | enterprise_linux | kernel-tools-libs-devel | p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel |
| redhat | enterprise_linux | kernel-debug-devel | p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel |
| redhat | enterprise_linux | kernel-kdump | p-cpe:/a:redhat:enterprise_linux:kernel-kdump |
| redhat | enterprise_linux | kernel-bootwrapper | p-cpe:/a:redhat:enterprise_linux:kernel-bootwrapper |
| redhat | enterprise_linux | kernel-tools-libs | p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs |
| redhat | enterprise_linux | python-perf | p-cpe:/a:redhat:enterprise_linux:python-perf |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36558
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2002
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25775
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4622
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4623
www.nessus.org/u?2fa1aa22
access.redhat.com/errata/RHSA-2024:2004
access.redhat.com/security/updates/classification/#important
bugzilla.redhat.com/show_bug.cgi?id=2112693
bugzilla.redhat.com/show_bug.cgi?id=2187308
bugzilla.redhat.com/show_bug.cgi?id=2231410
bugzilla.redhat.com/show_bug.cgi?id=2237757
bugzilla.redhat.com/show_bug.cgi?id=2237760
Related
nessus
nessus
RHEL 7 : kernel-rt (RHSA-2024:2003)
2024-04-24 00:00:00
CentOS 7 : kernel (RHSA-2024:2004)
2024-04-26 00:00:00
Oracle Linux 7 : kernel (ELSA-2024-2004)
2024-04-24 00:00:00
redhat
redhat
(RHSA-2024:2003) Important: kernel-rt security update
2024-04-23 15:15:31
(RHSA-2024:2004) Important: kernel security and bug fix update
2024-04-23 15:15:34
(RHSA-2024:1960) Important: kpatch-patch security update
2024-04-23 00:08:42
oraclelinux
oraclelinux
kernel security and bug fix update
2024-04-23 00:00:00
Unbreakable Enterprise kernel security update
2023-12-11 00:00:00
kernel security update
2024-02-09 00:00:00
virtuozzo
virtuozzo
osv
osv
linux-oem-6.1 vulnerabilities
2023-10-04 20:59:37
ubuntu
ubuntu
Linux kernel (OEM) vulnerabilities
2023-10-04 00:00:00
Linux kernel vulnerabilities
2023-11-21 00:00:00
Linux kernel vulnerabilities
2023-11-30 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-6415-1)
2023-10-05 00:00:00
openSUSE: Security Advisory for the Linux Kernel RT (Live Patch 13 for SLE 15 SP4) (SUSE-SU-2023:4164-1)
2024-03-04 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-2712)
2022-11-04 00:00:00
debiancve
debiancve
prion
prion
Improper access control
2023-08-11 03:15:00
Race condition
2022-07-21 04:15:00
Design/Logic Flaw
2023-09-06 14:15:00
nvd
nvd
redhatcve
redhatcve
ubuntucve
ubuntucve
cvelist
cvelist
CVE-2020-36558
2022-07-21 03:46:33
CVE-2023-25775
2023-08-11 02:36:57
CVE-2023-4622 Use-after-free in Linux kernel's af_unix component
2023-09-06 13:56:56
cve
cve
veracode
veracode
Denial Of Service (DoS)
2023-01-28 00:46:29
broadcom
broadcom
f5
f5
K000135996 : Intel RDMA Ethernet Controller vulnerability CVE-2023-25775
2023-08-28 00:00:00
intel
intel
IntelĀ® Ethernet Controller RDMA Driver for Linux Advisory
2023-08-08 00:00:00
amazon
amazon
Important: kernel
2023-09-27 22:48:00
cbl_mariner
cbl_mariner
cnvd
cnvd
Linux kernel elevation of privilege vulnerability (CNVD-2023-70080)
2023-09-11 00:00:00
Linux kernel elevation of privilege vulnerability (CNVD-2023-70079)
2023-09-11 00:00:00
Linux kernel command execution vulnerability
2023-05-31 00:00:00
githubexploit
githubexploit
Exploit for Execution with Unnecessary Privileges in Linux Linux Kernel
2023-04-16 10:05:13
photon
photon
Important Photon OS Security Update - PHSA-2023-3.0-0656
2023-09-27 00:00:00
Important Photon OS Security Update - PHSA-2023-5.0-0101
2023-09-26 00:00:00
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.1 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
32.6%
Related for REDHAT-RHSA-2024-2004.NASL