Lucene search
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2023-0492-1.NASLHistoryFeb 24, 2023 - 12:00 a.m.
SUSE SLES15 / openSUSE 15 Security Update : rubygem-activerecord-5_1 (SUSE-SU-2023:0492-1)
2023-02-2400:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
10
suse linux
sles15
opensuse 15
package vulnerability
activerecord's postgresql adapter
denial of service
cve-2022-44566
EPSS
0.001
Percentile
35.9%
The remote SUSE Linux SLES15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:0492-1 advisory.
- A denial of service vulnerability present in ActiveRecordโs PostgreSQL adapter <7.0.4.1 and <6.1.7.1. When a value outside the range for a 64bit signed integer is provided to the PostgreSQL connection adapter, it will treat the target column type as numeric. Comparing integer values against numeric values can result in a slow sequential scan resulting in potential Denial of Service. (CVE-2022-44566)
Note that Nessus has not tested for this issue but has instead relied only on the applicationโs self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# SUSE update advisory SUSE-SU-2023:0492-1. The text itself
# is copyright (C) SUSE.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(171890);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/07/14");
script_cve_id("CVE-2022-44566");
script_xref(name:"SuSE", value:"SUSE-SU-2023:0492-1");
script_name(english:"SUSE SLES15 / openSUSE 15 Security Update : rubygem-activerecord-5_1 (SUSE-SU-2023:0492-1)");
script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing a security update.");
script_set_attribute(attribute:"description", value:
"The remote SUSE Linux SLES15 / openSUSE 15 host has a package installed that is affected by a vulnerability as
referenced in the SUSE-SU-2023:0492-1 advisory.
- A denial of service vulnerability present in ActiveRecord's PostgreSQL adapter <7.0.4.1 and <6.1.7.1. When
a value outside the range for a 64bit signed integer is provided to the PostgreSQL connection adapter, it
will treat the target column type as numeric. Comparing integer values against numeric values can result
in a slow sequential scan resulting in potential Denial of Service. (CVE-2022-44566)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207450");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-44566");
# https://lists.suse.com/pipermail/sle-security-updates/2023-February/013874.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?2fed9d60");
script_set_attribute(attribute:"solution", value:
"Update the affected ruby2.5-rubygem-activerecord-5_1 package.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-44566");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2023/02/01");
script_set_attribute(attribute:"patch_publication_date", value:"2023/02/23");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/02/24");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ruby2.5-rubygem-activerecord-5_1");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:15");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"SuSE Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item("Host/SuSE/release");
if (isnull(os_release) || os_release !~ "^(SLED|SLES|SUSE)") audit(AUDIT_OS_NOT, "SUSE / openSUSE");
var os_ver = pregmatch(pattern: "^(SLE(S|D)\d+|SUSE([\d.]+))", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE / openSUSE');
os_ver = os_ver[1];
if (! preg(pattern:"^(SLES15|SUSE15\.4)$", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15 / openSUSE 15', 'SUSE / openSUSE (' + os_ver + ')');
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE / openSUSE (' + os_ver + ')', cpu);
var service_pack = get_kb_item("Host/SuSE/patchlevel");
if (isnull(service_pack)) service_pack = "0";
if (os_ver == "SLES15" && (! preg(pattern:"^(1|2|3|4)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES15 SP1/2/3/4", os_ver + " SP" + service_pack);
var pkgs = [
{'reference':'ruby2.5-rubygem-activerecord-5_1-5.1.4-150000.5.6.1', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},
{'reference':'ruby2.5-rubygem-activerecord-5_1-5.1.4-150000.5.6.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-15.1']},
{'reference':'ruby2.5-rubygem-activerecord-5_1-5.1.4-150000.5.6.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-15.2']},
{'reference':'ruby2.5-rubygem-activerecord-5_1-5.1.4-150000.5.6.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-15.3']},
{'reference':'ruby2.5-rubygem-activerecord-5_1-5.1.4-150000.5.6.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-15.4']}
];
var ltss_caveat_required = FALSE;
var flag = 0;
foreach var package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var exists_check = NULL;
var rpm_spec_vers_cmp = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (reference && _release) {
if (exists_check) {
var check_flag = 0;
foreach var check (exists_check) {
if (!rpm_exists(release:_release, rpm:check)) continue;
check_flag++;
}
if (!check_flag) continue;
}
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'ruby2.5-rubygem-activerecord-5_1');
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| novell | suse_linux | ruby2.5-rubygem-activerecord-5_1 | p-cpe:/a:novell:suse_linux:ruby2.5-rubygem-activerecord-5_1 |
| novell | suse_linux | 15 | cpe:/o:novell:suse_linux:15 |
Related
cvelist
cvelist
CVE-2022-44566
2023-02-09 00:00:00
gitlab
gitlab
Denial of Service Vulnerability in ActiveRecordโs PostgreSQL adapter
2023-01-18 00:00:00
Uncontrolled Resource Consumption
2023-02-09 00:00:00
osv
osv
CVE-2022-44566
2023-02-09 20:15:11
Denial of Service Vulnerability in ActiveRecord's PostgreSQL adapter
2023-01-18 18:21:12
nvd
nvd
CVE-2022-44566
2023-02-09 20:15:11
veracode
veracode
Denial Of Service (DoS)
2023-01-24 08:21:56
debiancve
debiancve
CVE-2022-44566
2023-02-09 20:15:11
ubuntucve
ubuntucve
CVE-2022-44566
2023-02-09 00:00:00
prion
prion
Design/Logic Flaw
2023-02-09 20:15:00
cve
cve
CVE-2022-44566
2023-02-09 20:15:11
github
github
Denial of Service Vulnerability in ActiveRecord's PostgreSQL adapter
2023-01-18 18:21:12
redhatcve
redhatcve
CVE-2022-44566
2023-01-26 14:35:25
rubygems
rubygems
Denial of Service Vulnerability in ActiveRecordโs PostgreSQL adapter
2023-01-17 21:00:00
nessus
nessus
RHEL 8 : Satellite 6.14 (RHSA-2023:6818)
2024-04-29 00:00:00
Rocky Linux 8 : Satellite 6.14 (RLSA-2023:6818)
2023-11-11 00:00:00
rocky
rocky
Satellite 6.14 security and bug fix update
2023-11-11 22:58:57
redhat
redhat
(RHSA-2023:6818) Important: Satellite 6.14 security and bug fix update
2023-11-08 14:10:25