Lucene search
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.ROCKY_LINUX_RLSA-2024-4583.NASLHistoryJul 26, 2024 - 12:00 a.m.
Rocky Linux 9 : kernel (RLSA-2024:4583)
2024-07-2600:00:00
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
13
rocky linux 9
kernel
rlsa-2024:4583
tipc message reassembly
use-after-free
remote code execution
ethernet
hisilicon
hns
array overflow
net
hns3
deadlock
vt
memory overlapping
can
j1939
mm/vmscan
memory barrier
nfs
nvme
reconnection fail
net ena
tcp
lib/test_hmm.c
r8169
buffer corruption
micrel
tproxy
octeontx2-af
blk-cgroup
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
10
Confidence
High
EPSS
0.001
Percentile
16.8%
The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:4583 advisory.
* kernel: TIPC message reassembly use-after-free remote code execution vulnerability (CVE-2024-36886)
* kernel: ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port() (CVE-2021-47548)
* kernel: net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg (CVE-2021-47596)
* kernel: vt: fix memory overlapping when deleting chars in the buffer (CVE-2022-48627)
* kernel: can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock (CVE-2023-52638)
* kernel: mm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index (CVE-2024-26783)
* kernel: net/mlx5e: Use a memory barrier to enforce PTP WQ xmit submission tracking occurs after populating the metadata_map (CVE-2024-26858)
* kernel: netfilter: nf_tables: use timestamp to check for set element timeout (CVE-2024-27397)
* kernel: nvme: fix reconnection fail due to reserved tag allocation (CVE-2024-27435)
* kernel: net: ena: Fix incorrect descriptor free behavior (CVE-2024-35958)
* kernel: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). (CVE-2024-36904)
* kernel: lib/test_hmm.c: handle src_pfns and dst_pfns allocation failure (CVE-2024-38543)
* kernel: r8169: Fix possible ring buffer corruption on fragmented Tx packets. (CVE-2024-38586)
* kernel: net: micrel: Fix receiving the timestamp in the frame for lan8841 (CVE-2024-38593)
* kernel: netfilter: tproxy: bail out if IP has been disabled on the device (CVE-2024-36270)
* kernel: octeontx2-af: avoid off-by-one read from userspace (CVE-2024-36957)
* kernel: blk-cgroup: fix list corruption from resetting io stat (CVE-2024-38663)
Tenable has extracted the preceding description block directly from the Rocky Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# Rocky Linux Security Advisory RLSA-2024:4583.
##
include('compat.inc');
if (description)
{
script_id(204769);
script_version("1.1");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/07/26");
script_cve_id(
"CVE-2021-47548",
"CVE-2021-47596",
"CVE-2022-48627",
"CVE-2023-52638",
"CVE-2024-26783",
"CVE-2024-26858",
"CVE-2024-27397",
"CVE-2024-27435",
"CVE-2024-35958",
"CVE-2024-36270",
"CVE-2024-36886",
"CVE-2024-36904",
"CVE-2024-36957",
"CVE-2024-38543",
"CVE-2024-38586",
"CVE-2024-38593",
"CVE-2024-38663"
);
script_xref(name:"RLSA", value:"2024:4583");
script_name(english:"Rocky Linux 9 : kernel (RLSA-2024:4583)");
script_set_attribute(attribute:"synopsis", value:
"The remote Rocky Linux host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the
RLSA-2024:4583 advisory.
* kernel: TIPC message reassembly use-after-free remote code execution vulnerability (CVE-2024-36886)
* kernel: ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in
hns_dsaf_ge_srst_by_port() (CVE-2021-47548)
* kernel: net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg (CVE-2021-47596)
* kernel: vt: fix memory overlapping when deleting chars in the buffer (CVE-2022-48627)
* kernel: can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock (CVE-2023-52638)
* kernel: mm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index (CVE-2024-26783)
* kernel: net/mlx5e: Use a memory barrier to enforce PTP WQ xmit submission tracking occurs after
populating the metadata_map (CVE-2024-26858)
* kernel: netfilter: nf_tables: use timestamp to check for set element timeout (CVE-2024-27397)
* kernel: nvme: fix reconnection fail due to reserved tag allocation (CVE-2024-27435)
* kernel: net: ena: Fix incorrect descriptor free behavior (CVE-2024-35958)
* kernel: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). (CVE-2024-36904)
* kernel: lib/test_hmm.c: handle src_pfns and dst_pfns allocation failure (CVE-2024-38543)
* kernel: r8169: Fix possible ring buffer corruption on fragmented Tx packets. (CVE-2024-38586)
* kernel: net: micrel: Fix receiving the timestamp in the frame for lan8841 (CVE-2024-38593)
* kernel: netfilter: tproxy: bail out if IP has been disabled on the device (CVE-2024-36270)
* kernel: octeontx2-af: avoid off-by-one read from userspace (CVE-2024-36957)
* kernel: blk-cgroup: fix list corruption from resetting io stat (CVE-2024-38663)
Tenable has extracted the preceding description block directly from the Rocky Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://errata.rockylinux.org/RLSA-2024:4583");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2267509");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2273082");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2273466");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2275735");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2277238");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2280434");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2281131");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2281925");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2283401");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2284541");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2284581");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2293230");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2293380");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2293402");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2293456");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2293653");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2294225");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:M/C:P/I:P/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-47548");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2024/03/02");
script_set_attribute(attribute:"patch_publication_date", value:"2024/07/26");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/07/26");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:bpftool");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:bpftool-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-64k");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-64k-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-64k-debug");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-64k-debug-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-64k-debug-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-64k-debug-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-64k-debug-devel-matched");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-64k-debug-modules");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-64k-debug-modules-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-64k-debug-modules-extra");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-64k-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-64k-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-64k-devel-matched");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-64k-modules");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-64k-modules-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-64k-modules-extra");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-abi-stablelists");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-cross-headers");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-debug");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-debug-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-debug-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-debug-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-debug-devel-matched");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-debug-modules");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-debug-modules-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-debug-modules-extra");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-debug-uki-virt");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-devel-matched");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-headers");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-modules");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-modules-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-modules-extra");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt-debug");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt-debug-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt-debug-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt-debug-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt-debug-kvm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt-debug-modules");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt-debug-modules-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt-debug-modules-extra");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt-kvm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt-modules");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt-modules-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt-modules-extra");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-tools");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-tools-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-tools-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-tools-libs-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-uki-virt");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-zfcpdump");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-zfcpdump-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-zfcpdump-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-zfcpdump-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-zfcpdump-devel-matched");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-zfcpdump-modules");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-zfcpdump-modules-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-zfcpdump-modules-extra");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:libperf");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:libperf-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:perf");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:perf-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:python3-perf");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:python3-perf-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:rtla");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:rv");
script_set_attribute(attribute:"cpe", value:"cpe:/o:rocky:linux:9");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Rocky Linux Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl", "linux_alt_patch_detect.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RockyLinux/release", "Host/RockyLinux/rpm-list", "Host/cpu");
exit(0);
}
include('rpm.inc');
include('ksplice.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/RockyLinux/release');
if (isnull(os_release) || 'Rocky Linux' >!< os_release) audit(AUDIT_OS_NOT, 'Rocky Linux');
var os_ver = pregmatch(pattern: "Rocky(?: Linux)? release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Rocky Linux');
os_ver = os_ver[1];
if (! preg(pattern:"^9([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Rocky Linux 9.x', 'Rocky Linux ' + os_ver);
if (!get_kb_item('Host/RockyLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Rocky Linux', cpu);
if (get_one_kb_item('Host/ksplice/kernel-cves'))
{
rm_kb_item(name:'Host/uptrack-uname-r');
var cve_list = make_list('CVE-2021-47548', 'CVE-2021-47596', 'CVE-2022-48627', 'CVE-2023-52638', 'CVE-2024-26783', 'CVE-2024-26858', 'CVE-2024-27397', 'CVE-2024-27435', 'CVE-2024-35958', 'CVE-2024-36270', 'CVE-2024-36886', 'CVE-2024-36904', 'CVE-2024-36957', 'CVE-2024-38543', 'CVE-2024-38586', 'CVE-2024-38593', 'CVE-2024-38663');
if (ksplice_cves_check(cve_list))
{
audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for RLSA-2024:4583');
}
else
{
__rpm_report = ksplice_reporting_text();
}
}
var pkgs = [
{'reference':'bpftool-7.3.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'bpftool-7.3.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'bpftool-7.3.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'bpftool-debuginfo-7.3.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'bpftool-debuginfo-7.3.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'bpftool-debuginfo-7.3.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-core-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-debug-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-debug-core-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-debug-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-debug-devel-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-debug-devel-matched-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-debug-modules-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-debug-modules-core-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-debug-modules-extra-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-devel-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-devel-matched-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-modules-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-modules-core-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-modules-extra-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-abi-stablelists-5.14.0-427.26.1.el9_4', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-core-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-core-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-core-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-cross-headers-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-cross-headers-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-cross-headers-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-core-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-core-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-core-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-devel-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-devel-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-devel-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-devel-matched-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-devel-matched-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-devel-matched-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-modules-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-modules-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-modules-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-modules-core-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-modules-core-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-modules-core-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-modules-extra-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-modules-extra-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-modules-extra-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-uki-virt-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-devel-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-devel-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-devel-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-devel-matched-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-devel-matched-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-devel-matched-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-headers-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-headers-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-headers-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-modules-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-modules-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-modules-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-modules-core-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-modules-core-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-modules-core-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-modules-extra-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-modules-extra-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-modules-extra-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-core-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-debug-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-debug-core-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-debug-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-debug-devel-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-debug-kvm-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-debug-modules-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-debug-modules-core-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-debug-modules-extra-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-devel-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-kvm-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-modules-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-modules-core-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-modules-extra-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-libs-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-libs-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-libs-devel-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-libs-devel-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-uki-virt-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-zfcpdump-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-zfcpdump-core-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-zfcpdump-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-zfcpdump-devel-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-zfcpdump-devel-matched-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-zfcpdump-modules-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-zfcpdump-modules-core-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-zfcpdump-modules-extra-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libperf-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libperf-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libperf-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libperf-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libperf-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libperf-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'perf-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'perf-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'perf-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'perf-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'perf-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'perf-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python3-perf-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python3-perf-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python3-perf-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python3-perf-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python3-perf-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python3-perf-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rtla-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rtla-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rtla-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rv-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rv-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rv-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE}
];
var flag = 0;
foreach var package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
var exists_check = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = 'Rocky-' + package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bpftool / bpftool-debuginfo / kernel / kernel-64k / kernel-64k-core / etc');
}
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47548
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47596
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48627
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52638
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26783
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26858
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27397
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27435
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35958
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36270
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36886
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36904
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36957
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38543
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38586
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38593
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38663
bugzilla.redhat.com/show_bug.cgi?id=2267509
bugzilla.redhat.com/show_bug.cgi?id=2273082
bugzilla.redhat.com/show_bug.cgi?id=2273466
bugzilla.redhat.com/show_bug.cgi?id=2275735
bugzilla.redhat.com/show_bug.cgi?id=2277238
bugzilla.redhat.com/show_bug.cgi?id=2280434
bugzilla.redhat.com/show_bug.cgi?id=2281131
bugzilla.redhat.com/show_bug.cgi?id=2281925
bugzilla.redhat.com/show_bug.cgi?id=2283401
bugzilla.redhat.com/show_bug.cgi?id=2284541
bugzilla.redhat.com/show_bug.cgi?id=2284581
bugzilla.redhat.com/show_bug.cgi?id=2293230
bugzilla.redhat.com/show_bug.cgi?id=2293380
bugzilla.redhat.com/show_bug.cgi?id=2293402
bugzilla.redhat.com/show_bug.cgi?id=2293456
bugzilla.redhat.com/show_bug.cgi?id=2293653
bugzilla.redhat.com/show_bug.cgi?id=2294225
errata.rockylinux.org/RLSA-2024:4583
Related
redhat
redhat
(RHSA-2024:4583) Important: kernel security update
2024-07-17 00:05:33
(RHSA-2024:4533) Important: kernel security update
2024-07-15 04:54:09
(RHSA-2024:4106) Important: kernel-rt security update
2024-06-26 00:04:06
nessus
nessus
Oracle Linux 9 : kernel (ELSA-2024-4583)
2024-07-18 00:00:00
RHEL 9 : kernel (RHSA-2024:4583)
2024-07-17 00:00:00
RHEL 9 : kernel (RHSA-2024:4533)
2024-07-15 00:00:00
oraclelinux
oraclelinux
kernel security update
2024-07-18 00:00:00
rocky
rocky
kernel security update
2024-07-26 12:33:50
osv
osv
Important: kernel security update
2024-07-26 12:33:50
CVE-2021-47596
2024-06-19 15:15:00
CVE-2024-38543
2024-06-19 14:15:00
debiancve
debiancve
ubuntucve
ubuntucve
nvd
nvd
cbl_mariner
cbl_mariner
cvelist
cvelist
CVE-2024-27435 nvme: fix reconnection fail due to reserved tag allocation
2024-05-17 12:12:36
CVE-2024-26783 mm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index
2024-04-04 08:20:17
CVE-2021-47596 net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg
2024-06-19 14:53:58
cve
cve
redhatcve
redhatcve
vulnrichment
vulnrichment
CVE-2024-26783 mm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index
2024-04-04 08:20:17
CVE-2024-27435 nvme: fix reconnection fail due to reserved tag allocation
2024-05-17 12:12:36
CVE-2021-47596 net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg
2024-06-19 14:53:58
prion
prion
Spoofing
2024-03-02 22:15:00
zdi
zdi
photon
photon
Important Photon OS Security Update - PHSA-2024-4.0-0662
2024-08-02 00:00:00
Important Photon OS Security Update - PHSA-2024-3.0-0744
2024-04-01 00:00:00
Important Photon OS Security Update - PHSA-2024-5.0-0319
2024-07-17 00:00:00
redos
redos
ROS-20240905-04
2024-09-05 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-5703-1)
2024-07-01 00:00:00
Debian: Security Advisory (DLA-3843-1)
2024-07-01 00:00:00
debian
debian
[SECURITY] [DSA 5703-1] linux security update
2024-06-02 17:04:56
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
10
Confidence
High
EPSS
0.001
Percentile
16.8%
Related for ROCKY_LINUX_RLSA-2024-4583.NASL