CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
77.3%
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:1975 advisory.
An out-of-bounds memory write flaw was found in the Linux kernelās joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2021-3612)
A use-after-free flaw was found in the Linux kernelās Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2021-3752)
A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses. (CVE-2021-3772)
A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks. (CVE-2021-3773)
A memory leak flaw in the Linux kernelās hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the memory pages. A local user could use this flaw to get unauthorized access to some data. (CVE-2021-4002)
Note that Nessus has not tested for these issues but has instead relied only on the applicationās self-reported version number.
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# Rocky Linux Security Advisory RLSA-2022:1975.
##
include('compat.inc');
if (description)
{
script_id(161350);
script_version("1.4");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/11/06");
script_cve_id(
"CVE-2020-0404",
"CVE-2020-13974",
"CVE-2020-27820",
"CVE-2021-0941",
"CVE-2021-20322",
"CVE-2021-26401",
"CVE-2021-29154",
"CVE-2021-3612",
"CVE-2021-3669",
"CVE-2021-37159",
"CVE-2021-3743",
"CVE-2021-3744",
"CVE-2021-3752",
"CVE-2021-3759",
"CVE-2021-3764",
"CVE-2021-3772",
"CVE-2021-3773",
"CVE-2021-4002",
"CVE-2021-4037",
"CVE-2021-4083",
"CVE-2021-4157",
"CVE-2021-41864",
"CVE-2021-4197",
"CVE-2021-4203",
"CVE-2021-42739",
"CVE-2021-43389",
"CVE-2021-43976",
"CVE-2021-44733",
"CVE-2021-45485",
"CVE-2021-45486",
"CVE-2022-0001",
"CVE-2022-0002",
"CVE-2022-0286",
"CVE-2022-0322",
"CVE-2022-1011"
);
script_xref(name:"RLSA", value:"2022:1975");
script_name(english:"Rocky Linux 8 : kernel-rt (RLSA-2022:1975)");
script_set_attribute(attribute:"synopsis", value:
"The remote Rocky Linux host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the
RLSA-2022:1975 advisory.
- An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions
before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the
system or possibly escalate their privileges on the system. The highest threat from this vulnerability is
to confidentiality, integrity, as well as system availability. (CVE-2021-3612)
- A use-after-free flaw was found in the Linux kernel's Bluetooth subsystem in the way user calls connect to
the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the
system or escalate their privileges. The highest threat from this vulnerability is to confidentiality,
integrity, as well as system availability. (CVE-2021-3752)
- A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP
association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and
the attacker can send packets with spoofed IP addresses. (CVE-2021-3772)
- A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint
information for further use in traditional network attacks. (CVE-2021-3773)
- A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some
regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the
memory pages. A local user could use this flaw to get unauthorized access to some data. (CVE-2021-4002)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://errata.rockylinux.org/RLSA-2022:1975");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1901726");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1903578");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1905749");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1919791");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1946684");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1951739");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1974079");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1985353");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1986473");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1997467");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1997961");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1999544");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1999675");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2000627");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2000694");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2004949");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2010463");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2013180");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2014230");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2016169");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2018205");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2025003");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2025726");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2027239");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2029923");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2030747");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2034342");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2035652");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2036934");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2037019");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2039911");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2039914");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2042822");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2061700");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2061712");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2061721");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2064855");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:A/AC:M/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-3752");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2021-3773");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2021/07/09");
script_set_attribute(attribute:"patch_publication_date", value:"2022/05/18");
script_set_attribute(attribute:"plugin_publication_date", value:"2022/05/18");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt-debug");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt-debug-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt-debug-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt-debug-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt-debug-kvm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt-debug-modules");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt-debug-modules-extra");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt-debuginfo-common-x86_64");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt-kvm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt-modules");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt-modules-extra");
script_set_attribute(attribute:"cpe", value:"cpe:/o:rocky:linux:8");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Rocky Linux Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl", "linux_alt_patch_detect.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RockyLinux/release", "Host/RockyLinux/rpm-list", "Host/cpu");
exit(0);
}
include('rpm.inc');
include('ksplice.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/RockyLinux/release');
if (isnull(os_release) || 'Rocky Linux' >!< os_release) audit(AUDIT_OS_NOT, 'Rocky Linux');
var os_ver = pregmatch(pattern: "Rocky(?: Linux)? release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Rocky Linux');
os_ver = os_ver[1];
if (! preg(pattern:"^8([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Rocky Linux 8.x', 'Rocky Linux ' + os_ver);
if (!get_kb_item('Host/RockyLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Rocky Linux', cpu);
if (get_one_kb_item('Host/ksplice/kernel-cves'))
{
rm_kb_item(name:'Host/uptrack-uname-r');
var cve_list = make_list('CVE-2020-0404', 'CVE-2020-13974', 'CVE-2020-27820', 'CVE-2021-0941', 'CVE-2021-3612', 'CVE-2021-3669', 'CVE-2021-3743', 'CVE-2021-3744', 'CVE-2021-3752', 'CVE-2021-3759', 'CVE-2021-3764', 'CVE-2021-3772', 'CVE-2021-3773', 'CVE-2021-4002', 'CVE-2021-4037', 'CVE-2021-4083', 'CVE-2021-4157', 'CVE-2021-4197', 'CVE-2021-4203', 'CVE-2021-20322', 'CVE-2021-26401', 'CVE-2021-29154', 'CVE-2021-37159', 'CVE-2021-41864', 'CVE-2021-42739', 'CVE-2021-43389', 'CVE-2021-43976', 'CVE-2021-44733', 'CVE-2021-45485', 'CVE-2021-45486', 'CVE-2022-0001', 'CVE-2022-0002', 'CVE-2022-0286', 'CVE-2022-0322', 'CVE-2022-1011');
if (ksplice_cves_check(cve_list))
{
audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for RLSA-2022:1975');
}
else
{
__rpm_report = ksplice_reporting_text();
}
}
var pkgs = [
{'reference':'kernel-rt-4.18.0-372.9.1.rt7.166.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-core-4.18.0-372.9.1.rt7.166.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-debug-4.18.0-372.9.1.rt7.166.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-debug-core-4.18.0-372.9.1.rt7.166.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-debug-debuginfo-4.18.0-372.9.1.rt7.166.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-debug-devel-4.18.0-372.9.1.rt7.166.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-debug-kvm-4.18.0-372.9.1.rt7.166.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-debug-modules-4.18.0-372.9.1.rt7.166.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-debug-modules-extra-4.18.0-372.9.1.rt7.166.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-debuginfo-4.18.0-372.9.1.rt7.166.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-debuginfo-common-x86_64-4.18.0-372.9.1.rt7.166.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-devel-4.18.0-372.9.1.rt7.166.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-kvm-4.18.0-372.9.1.rt7.166.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-modules-4.18.0-372.9.1.rt7.166.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-modules-extra-4.18.0-372.9.1.rt7.166.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}
];
var flag = 0;
foreach var package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
var exists_check = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = 'Rocky-' + package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-rt / kernel-rt-core / kernel-rt-debug / kernel-rt-debug-core / etc');
}
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0404
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13974
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27820
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0941
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20322
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26401
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29154
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3612
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3669
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37159
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3743
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3744
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3752
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3759
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3764
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3772
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3773
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4002
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4037
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4083
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4157
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41864
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4197
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4203
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42739
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43389
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43976
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44733
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45485
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45486
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0001
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0002
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0286
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0322
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1011
bugzilla.redhat.com/show_bug.cgi?id=1901726
bugzilla.redhat.com/show_bug.cgi?id=1903578
bugzilla.redhat.com/show_bug.cgi?id=1905749
bugzilla.redhat.com/show_bug.cgi?id=1919791
bugzilla.redhat.com/show_bug.cgi?id=1946684
bugzilla.redhat.com/show_bug.cgi?id=1951739
bugzilla.redhat.com/show_bug.cgi?id=1974079
bugzilla.redhat.com/show_bug.cgi?id=1985353
bugzilla.redhat.com/show_bug.cgi?id=1986473
bugzilla.redhat.com/show_bug.cgi?id=1997467
bugzilla.redhat.com/show_bug.cgi?id=1997961
bugzilla.redhat.com/show_bug.cgi?id=1999544
bugzilla.redhat.com/show_bug.cgi?id=1999675
bugzilla.redhat.com/show_bug.cgi?id=2000627
bugzilla.redhat.com/show_bug.cgi?id=2000694
bugzilla.redhat.com/show_bug.cgi?id=2004949
bugzilla.redhat.com/show_bug.cgi?id=2010463
bugzilla.redhat.com/show_bug.cgi?id=2013180
bugzilla.redhat.com/show_bug.cgi?id=2014230
bugzilla.redhat.com/show_bug.cgi?id=2016169
bugzilla.redhat.com/show_bug.cgi?id=2018205
bugzilla.redhat.com/show_bug.cgi?id=2025003
bugzilla.redhat.com/show_bug.cgi?id=2025726
bugzilla.redhat.com/show_bug.cgi?id=2027239
bugzilla.redhat.com/show_bug.cgi?id=2029923
bugzilla.redhat.com/show_bug.cgi?id=2030747
bugzilla.redhat.com/show_bug.cgi?id=2034342
bugzilla.redhat.com/show_bug.cgi?id=2035652
bugzilla.redhat.com/show_bug.cgi?id=2036934
bugzilla.redhat.com/show_bug.cgi?id=2037019
bugzilla.redhat.com/show_bug.cgi?id=2039911
bugzilla.redhat.com/show_bug.cgi?id=2039914
bugzilla.redhat.com/show_bug.cgi?id=2042822
bugzilla.redhat.com/show_bug.cgi?id=2061700
bugzilla.redhat.com/show_bug.cgi?id=2061712
bugzilla.redhat.com/show_bug.cgi?id=2061721
bugzilla.redhat.com/show_bug.cgi?id=2064855
errata.rockylinux.org/RLSA-2022:1975
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
77.3%