Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.ROCKY_LINUX_RLSA-2022-5337.NASL
HistoryNov 07, 2023 - 12:00 a.m.

Rocky Linux 8 : go-toolset:rhel8 (RLSA-2022:5337)

2023-11-0700:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
14
rocky linux 8
go-toolset
rhel8
vulnerabilities
rlsa-2022:5337
encoding/pem
regexp.compile
crypto/elliptic
faccessat
stack overflow
stack exhaustion
privilege assignment
cve-2022-24675
cve-2022-24921
cve-2022-28327
cve-2022-29526
nessus scanner

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

8.5 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

74.3%

JSON

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:5337 advisory.

  • encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data. (CVE-2022-24675)

  • regexp.Compile in Go before 1.16.15 and 1.17.x before 1.17.8 allows stack exhaustion via a deeply nested expression. (CVE-2022-24921)

  • The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input. (CVE-2022-28327)

  • Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.
    (CVE-2022-29526)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# Rocky Linux Security Advisory RLSA-2022:5337.
##

include('compat.inc');

if (description)
{
  script_id(184817);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/11/14");

  script_cve_id(
    "CVE-2022-24675",
    "CVE-2022-24921",
    "CVE-2022-28327",
    "CVE-2022-29526"
  );
  script_xref(name:"RLSA", value:"2022:5337");
  script_xref(name:"IAVB", value:"2022-B-0011-S");

  script_name(english:"Rocky Linux 8 : go-toolset:rhel8 (RLSA-2022:5337)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Rocky Linux host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the
RLSA-2022:5337 advisory.

  - encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount
    of PEM data. (CVE-2022-24675)

  - regexp.Compile in Go before 1.16.15 and 1.17.x before 1.17.8 allows stack exhaustion via a deeply nested
    expression. (CVE-2022-24921)

  - The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic
    via long scalar input. (CVE-2022-28327)

  - Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero
    flags parameter, the Faccessat function could incorrectly report that a file is accessible.
    (CVE-2022-29526)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://errata.rockylinux.org/RLSA-2022:5337");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2077688");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2077689");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2084085");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-29526");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2022/03/05");
  script_set_attribute(attribute:"patch_publication_date", value:"2022/06/28");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/11/07");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:delve");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:delve-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:delve-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:go-toolset");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:golang");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:golang-bin");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:golang-docs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:golang-misc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:golang-race");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:golang-src");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:golang-tests");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:rocky:linux:8");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Rocky Linux Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RockyLinux/release", "Host/RockyLinux/rpm-list", "Host/cpu");

  exit(0);
}


include('rpm.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/RockyLinux/release');
if (isnull(os_release) || 'Rocky Linux' >!< os_release) audit(AUDIT_OS_NOT, 'Rocky Linux');
var os_ver = pregmatch(pattern: "Rocky(?: Linux)? release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Rocky Linux');
os_ver = os_ver[1];
if (! preg(pattern:"^8([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Rocky Linux 8.x', 'Rocky Linux ' + os_ver);

if (!get_kb_item('Host/RockyLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Rocky Linux', cpu);

var pkgs = [
    {'reference':'delve-1.7.2-1.module+el8.6.0+824+8e984c20', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'delve-debuginfo-1.7.2-1.module+el8.6.0+824+8e984c20', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'delve-debugsource-1.7.2-1.module+el8.6.0+824+8e984c20', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'go-toolset-1.17.10-1.module+el8.6.0+986+efe4cea4', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'go-toolset-1.17.10-1.module+el8.6.0+986+efe4cea4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'golang-1.17.10-1.module+el8.6.0+986+efe4cea4', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'golang-1.17.10-1.module+el8.6.0+986+efe4cea4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'golang-bin-1.17.10-1.module+el8.6.0+986+efe4cea4', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'golang-bin-1.17.10-1.module+el8.6.0+986+efe4cea4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'golang-docs-1.17.10-1.module+el8.6.0+986+efe4cea4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'golang-misc-1.17.10-1.module+el8.6.0+986+efe4cea4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'golang-race-1.17.10-1.module+el8.6.0+986+efe4cea4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'golang-src-1.17.10-1.module+el8.6.0+986+efe4cea4', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'golang-tests-1.17.10-1.module+el8.6.0+986+efe4cea4', 'release':'8', 'rpm_spec_vers_cmp':TRUE}
];

var flag = 0;
foreach var package_array ( pkgs ) {
  var reference = NULL;
  var _release = NULL;
  var sp = NULL;
  var _cpu = NULL;
  var el_string = NULL;
  var rpm_spec_vers_cmp = NULL;
  var epoch = NULL;
  var allowmaj = NULL;
  var exists_check = NULL;
  if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
  if (!empty_or_null(package_array['release'])) _release = 'Rocky-' + package_array['release'];
  if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
  if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
  if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
  if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
  if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
  if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
  if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
  if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {
    if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
  }
}

if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'delve / delve-debuginfo / delve-debugsource / go-toolset / golang / etc');
}
VendorProductVersionCPE
rockylinuxdelvep-cpe:/a:rocky:linux:delve
rockylinuxdelve-debuginfop-cpe:/a:rocky:linux:delve-debuginfo
rockylinuxdelve-debugsourcep-cpe:/a:rocky:linux:delve-debugsource
rockylinuxgo-toolsetp-cpe:/a:rocky:linux:go-toolset
rockylinuxgolangp-cpe:/a:rocky:linux:golang
rockylinuxgolang-binp-cpe:/a:rocky:linux:golang-bin
rockylinuxgolang-docsp-cpe:/a:rocky:linux:golang-docs
rockylinuxgolang-miscp-cpe:/a:rocky:linux:golang-misc
rockylinuxgolang-racep-cpe:/a:rocky:linux:golang-race
rockylinuxgolang-srcp-cpe:/a:rocky:linux:golang-src
Rows per page:
1-10 of 121

Related

nessus 14
oraclelinux 2
osv 1
redhat 4
rocky 1
ibm 3
suse 1
fedora 79
openvas 91
mageia 1
photon 2
nessus
nessus
CentOS 8 : go-toolset:rhel8 (CESA-2022:5337)
2022-07-11 00:00:00
Oracle Linux 8 : go-toolset:ol8addon (ELSA-2022-14844)
2022-06-08 00:00:00
RHEL 8 : go-toolset:rhel8 (RHSA-2022:5337)
2022-07-01 00:00:00
oraclelinux
oraclelinux
go-toolset:ol8addon security update
2022-06-08 00:00:00
go-toolset:ol8 security and bug fix update
2022-07-01 00:00:00
osv
osv
Moderate: go-toolset:rhel8 security and bug fix update
2022-06-28 10:54:21
redhat
redhat
(RHSA-2022:5337) Moderate: go-toolset:rhel8 security and bug fix update
2022-06-28 10:54:21
(RHSA-2022:5415) Moderate: go-toolset-1.17 and go-toolset-1.17-golang security and bug fix update
2022-06-28 19:06:19
(RHSA-2022:5729) Moderate: OpenShift Container Platform 4.10.25 security update
2022-08-01 11:00:16
rocky
rocky
go-toolset:rhel8 security and bug fix update
2022-06-28 10:54:21
ibm
ibm
Security Bulletin: IBM Cloud Pak for Multicloud Management Monitoring has applied security fixes for its use of Golang Go (CVE-2022-24921, CVE-2022-28327, CVE-2022-24675)
2023-01-31 15:21:00
Security Bulletin: A security vulnerability in GO affects IBM Cloud Pak for Multicloud Management Managed Services
2022-09-21 09:55:04
Security Bulletin: A security vulnerability in GO affects IBM Cloud Automation Manager
2022-07-25 06:32:12
suse
suse
Security update for go1.17 (moderate)
2022-04-26 00:00:00
fedora
fedora
[SECURITY] Fedora 34 Update: clash-1.6.5-2.fc34
2022-05-27 01:03:00
[SECURITY] Fedora 36 Update: golang-github-lucas-clemente-quic-0.27.2-1.fc36
2022-06-30 01:21:48
[SECURITY] Fedora 35 Update: golang-1.16.15-2.fc35
2022-07-01 01:17:14
openvas
openvas
Mageia: Security Advisory (MGASA-2022-0171)
2022-05-19 00:00:00
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2022-2610)
2022-10-28 00:00:00
Fedora: Security Advisory for golang (FEDORA-2022-e46e6e8317)
2022-07-02 00:00:00
mageia
mageia
Updated golang packages fix security vulnerability
2022-05-12 13:24:45
photon
photon
Important Photon OS Security Update - PHSA-2022-0194
2022-06-05 00:00:00
Important Photon OS Security Update - PHSA-2022-4.0-0194
2022-06-05 00:00:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

8.5 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

74.3%

JSON
Related for ROCKY_LINUX_RLSA-2022-5337.NASL
nessus14oraclelinux2osv1redhat4rocky1ibm3suse1fedora79openvas91mageia1photon2