Lucene search
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2024-3358-1.NASLHistorySep 21, 2024 - 12:00 a.m.
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : ffmpeg-4 (SUSE-SU-2024:3358-1)
2024-09-2100:00:00
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
4
suse linux
sled15
sled_sap15
sles15
sles_sap15
opensuse 15
security update
ffmpeg-4
cve-2023-48368
libmfx
cve-2023-45221
cve-2023-22656
cve-2023-47282
cve-2023-47169
cve-2024-7055
heap-based buffer overflow
pnmdec.c
libavcodec.
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
6.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CVSS4
6.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/SC:N/VI:L/SI:N/VA:L/SA:N
AI Score
7.9
Confidence
Low
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3358-1 advisory.
- Dropped support for libmfx to fix the following CVEs:
* libmfx: improper input validation (CVE-2023-48368, bsc#1226897)
* libmfx: improper buffer restrictions (CVE-2023-45221, bsc#1226898)
* libmfx: out-of-bounds read (CVE-2023-22656, bsc#1226899)
* libmfx: out-of-bounds write (CVE-2023-47282, bsc#1226900)
* libmfx: improper buffer restrictions (CVE-2023-47169, bsc#1226901)
- CVE-2024-7055: heap-based buffer overflow in pnmdec.c from the libavcodec library. (bsc#1229026)
Tenable has extracted the preceding description block directly from the SUSE security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# SUSE update advisory SUSE-SU-2024:3358-1. The text itself
# is copyright (C) SUSE.
##
include('compat.inc');
if (description)
{
script_id(207540);
script_version("1.1");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/09/21");
script_cve_id(
"CVE-2023-22656",
"CVE-2023-45221",
"CVE-2023-47169",
"CVE-2023-47282",
"CVE-2023-48368",
"CVE-2024-7055"
);
script_xref(name:"SuSE", value:"SUSE-SU-2024:3358-1");
script_name(english:"SUSE SLED15 / SLES15 / openSUSE 15 Security Update : ffmpeg-4 (SUSE-SU-2024:3358-1)");
script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are
affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3358-1 advisory.
- Dropped support for libmfx to fix the following CVEs:
* libmfx: improper input validation (CVE-2023-48368, bsc#1226897)
* libmfx: improper buffer restrictions (CVE-2023-45221, bsc#1226898)
* libmfx: out-of-bounds read (CVE-2023-22656, bsc#1226899)
* libmfx: out-of-bounds write (CVE-2023-47282, bsc#1226900)
* libmfx: improper buffer restrictions (CVE-2023-47169, bsc#1226901)
- CVE-2024-7055: heap-based buffer overflow in pnmdec.c from the libavcodec library. (bsc#1229026)
Tenable has extracted the preceding description block directly from the SUSE security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226892");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226897");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226898");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226899");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226900");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226901");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1229026");
# https://lists.suse.com/pipermail/sle-security-updates/2024-September/019482.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?5bcf0b34");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-22656");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-45221");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-47169");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-47282");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-48368");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2024-7055");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss4_vector", value:"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N");
script_set_attribute(attribute:"cvss4_threat_vector", value:"CVSS:4.0/E:U");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-7055");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2024/05/16");
script_set_attribute(attribute:"patch_publication_date", value:"2024/09/20");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/09/21");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ffmpeg-4");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ffmpeg-4-libavcodec-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ffmpeg-4-libavdevice-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ffmpeg-4-libavfilter-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ffmpeg-4-libavformat-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ffmpeg-4-libavresample-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ffmpeg-4-libavutil-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ffmpeg-4-libpostproc-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ffmpeg-4-libswresample-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ffmpeg-4-libswscale-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ffmpeg-4-private-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libavcodec58_134");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libavdevice58_13");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libavfilter7_110");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libavformat58_76");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libavresample4_0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libavutil56_70");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libpostproc55_9");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libswresample3_9");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libswscale5_9");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:15");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"SuSE Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item("Host/SuSE/release");
if (isnull(os_release) || os_release !~ "^(SLED|SLES|SUSE)") audit(AUDIT_OS_NOT, "SUSE / openSUSE");
var os_ver = pregmatch(pattern: "^(SLE(S|D)(?:_SAP)?\d+|SUSE([\d.]+))", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE / openSUSE');
os_ver = os_ver[1];
if (! preg(pattern:"^(SLED15|SLED_SAP15|SLES15|SLES_SAP15|SUSE15\.5)$", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15', 'SUSE / openSUSE (' + os_ver + ')');
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE / openSUSE (' + os_ver + ')', cpu);
var service_pack = get_kb_item("Host/SuSE/patchlevel");
if (isnull(service_pack)) service_pack = "0";
if (os_ver == "SLED15" && (! preg(pattern:"^(5)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLED15 SP5", os_ver + " SP" + service_pack);
if (os_ver == "SLED_SAP15" && (! preg(pattern:"^(5)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLED_SAP15 SP5", os_ver + " SP" + service_pack);
if (os_ver == "SLES15" && (! preg(pattern:"^(4|5)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES15 SP4/5", os_ver + " SP" + service_pack);
if (os_ver == "SLES_SAP15" && (! preg(pattern:"^(4|5)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES_SAP15 SP4/5", os_ver + " SP" + service_pack);
var pkgs = [
{'reference':'libavcodec58_134-4.4-150400.3.42.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'libavformat58_76-4.4-150400.3.42.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'libavutil56_70-4.4-150400.3.42.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'libpostproc55_9-4.4-150400.3.42.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'libswresample3_9-4.4-150400.3.42.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
{'reference':'libavcodec58_134-4.4-150400.3.42.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'libavcodec58_134-4.4-150400.3.42.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'libavformat58_76-4.4-150400.3.42.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'libavformat58_76-4.4-150400.3.42.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'libavutil56_70-4.4-150400.3.42.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'libavutil56_70-4.4-150400.3.42.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'libswresample3_9-4.4-150400.3.42.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'libswresample3_9-4.4-150400.3.42.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'libswscale5_9-4.4-150400.3.42.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'libswscale5_9-4.4-150400.3.42.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'libavcodec58_134-4.4-150400.3.42.1', 'sp':'4', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-4']},
{'reference':'libavcodec58_134-4.4-150400.3.42.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-4']},
{'reference':'libavformat58_76-4.4-150400.3.42.1', 'sp':'4', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-4']},
{'reference':'libavformat58_76-4.4-150400.3.42.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-4']},
{'reference':'libavutil56_70-4.4-150400.3.42.1', 'sp':'4', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-4']},
{'reference':'libavutil56_70-4.4-150400.3.42.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-4']},
{'reference':'libpostproc55_9-4.4-150400.3.42.1', 'sp':'4', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-4']},
{'reference':'libpostproc55_9-4.4-150400.3.42.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-4']},
{'reference':'libswresample3_9-4.4-150400.3.42.1', 'sp':'4', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-4']},
{'reference':'libswresample3_9-4.4-150400.3.42.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-4']},
{'reference':'libavcodec58_134-4.4-150400.3.42.1', 'sp':'4', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.4']},
{'reference':'libavcodec58_134-4.4-150400.3.42.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.4']},
{'reference':'libavformat58_76-4.4-150400.3.42.1', 'sp':'4', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.4']},
{'reference':'libavformat58_76-4.4-150400.3.42.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.4']},
{'reference':'libavutil56_70-4.4-150400.3.42.1', 'sp':'4', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.4']},
{'reference':'libavutil56_70-4.4-150400.3.42.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.4']},
{'reference':'libpostproc55_9-4.4-150400.3.42.1', 'sp':'4', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.4']},
{'reference':'libpostproc55_9-4.4-150400.3.42.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.4']},
{'reference':'libswresample3_9-4.4-150400.3.42.1', 'sp':'4', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.4']},
{'reference':'libswresample3_9-4.4-150400.3.42.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.4']},
{'reference':'ffmpeg-4-4.4-150400.3.42.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'ffmpeg-4-libavcodec-devel-4.4-150400.3.42.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'ffmpeg-4-libavdevice-devel-4.4-150400.3.42.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'ffmpeg-4-libavfilter-devel-4.4-150400.3.42.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'ffmpeg-4-libavformat-devel-4.4-150400.3.42.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'ffmpeg-4-libavresample-devel-4.4-150400.3.42.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'ffmpeg-4-libavutil-devel-4.4-150400.3.42.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'ffmpeg-4-libpostproc-devel-4.4-150400.3.42.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'ffmpeg-4-libswresample-devel-4.4-150400.3.42.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'ffmpeg-4-libswscale-devel-4.4-150400.3.42.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'ffmpeg-4-private-devel-4.4-150400.3.42.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'libavcodec58_134-32bit-4.4-150400.3.42.1', 'cpu':'x86_64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'libavcodec58_134-4.4-150400.3.42.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'libavdevice58_13-32bit-4.4-150400.3.42.1', 'cpu':'x86_64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'libavdevice58_13-4.4-150400.3.42.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'libavfilter7_110-32bit-4.4-150400.3.42.1', 'cpu':'x86_64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'libavfilter7_110-4.4-150400.3.42.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'libavformat58_76-32bit-4.4-150400.3.42.1', 'cpu':'x86_64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'libavformat58_76-4.4-150400.3.42.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'libavresample4_0-32bit-4.4-150400.3.42.1', 'cpu':'x86_64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'libavresample4_0-4.4-150400.3.42.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'libavutil56_70-32bit-4.4-150400.3.42.1', 'cpu':'x86_64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'libavutil56_70-4.4-150400.3.42.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'libpostproc55_9-32bit-4.4-150400.3.42.1', 'cpu':'x86_64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'libpostproc55_9-4.4-150400.3.42.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'libswresample3_9-32bit-4.4-150400.3.42.1', 'cpu':'x86_64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'libswresample3_9-4.4-150400.3.42.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'libswscale5_9-32bit-4.4-150400.3.42.1', 'cpu':'x86_64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'libswscale5_9-4.4-150400.3.42.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'ffmpeg-4-4.4-150400.3.42.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-packagehub-subpackages-release-15.5']},
{'reference':'ffmpeg-4-libavcodec-devel-4.4-150400.3.42.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-packagehub-subpackages-release-15.5']},
{'reference':'ffmpeg-4-libavdevice-devel-4.4-150400.3.42.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-packagehub-subpackages-release-15.5']},
{'reference':'ffmpeg-4-libavfilter-devel-4.4-150400.3.42.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-packagehub-subpackages-release-15.5']},
{'reference':'ffmpeg-4-libavformat-devel-4.4-150400.3.42.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-packagehub-subpackages-release-15.5']},
{'reference':'ffmpeg-4-libavresample-devel-4.4-150400.3.42.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-packagehub-subpackages-release-15.5']},
{'reference':'ffmpeg-4-libavutil-devel-4.4-150400.3.42.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-packagehub-subpackages-release-15.5']},
{'reference':'ffmpeg-4-libpostproc-devel-4.4-150400.3.42.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-packagehub-subpackages-release-15.5']},
{'reference':'ffmpeg-4-libswresample-devel-4.4-150400.3.42.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-packagehub-subpackages-release-15.5']},
{'reference':'ffmpeg-4-libswscale-devel-4.4-150400.3.42.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-packagehub-subpackages-release-15.5']},
{'reference':'ffmpeg-4-private-devel-4.4-150400.3.42.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-packagehub-subpackages-release-15.5']},
{'reference':'libavcodec58_134-4.4-150400.3.42.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-packagehub-subpackages-release-15.5']},
{'reference':'libavdevice58_13-4.4-150400.3.42.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-packagehub-subpackages-release-15.5']},
{'reference':'libavfilter7_110-4.4-150400.3.42.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-packagehub-subpackages-release-15.5']},
{'reference':'libavformat58_76-4.4-150400.3.42.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-packagehub-subpackages-release-15.5']},
{'reference':'libavresample4_0-4.4-150400.3.42.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-packagehub-subpackages-release-15.5']},
{'reference':'libavutil56_70-4.4-150400.3.42.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-packagehub-subpackages-release-15.5']},
{'reference':'libpostproc55_9-4.4-150400.3.42.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-packagehub-subpackages-release-15.5']},
{'reference':'libswresample3_9-4.4-150400.3.42.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-packagehub-subpackages-release-15.5']},
{'reference':'libswscale5_9-4.4-150400.3.42.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-packagehub-subpackages-release-15.5']},
{'reference':'libavcodec58_134-4.4-150400.3.42.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-we-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'libavcodec58_134-4.4-150400.3.42.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-we-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'libavformat58_76-4.4-150400.3.42.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-we-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'libavformat58_76-4.4-150400.3.42.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-we-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'libavutil56_70-4.4-150400.3.42.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-we-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'libavutil56_70-4.4-150400.3.42.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-we-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'libswresample3_9-4.4-150400.3.42.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-we-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'libswresample3_9-4.4-150400.3.42.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-we-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'libswscale5_9-4.4-150400.3.42.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-we-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'libswscale5_9-4.4-150400.3.42.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-we-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'libavcodec58_134-4.4-150400.3.42.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.4']},
{'reference':'libavformat58_76-4.4-150400.3.42.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.4']},
{'reference':'libavutil56_70-4.4-150400.3.42.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.4']},
{'reference':'libpostproc55_9-4.4-150400.3.42.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.4']},
{'reference':'libswresample3_9-4.4-150400.3.42.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.4']}
];
var ltss_caveat_required = FALSE;
var flag = 0;
foreach var package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var exists_check = NULL;
var rpm_spec_vers_cmp = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (reference && _release) {
if (exists_check) {
var check_flag = 0;
foreach var check (exists_check) {
if (!rpm_exists(release:_release, rpm:check)) continue;
if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;
check_flag++;
}
if (!check_flag) continue;
}
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;
}
}
if (flag)
{
var ltss_plugin_caveat = NULL;
if(ltss_caveat_required) ltss_plugin_caveat = '\n' +
'NOTE: This vulnerability check contains fixes that apply to\n' +
'packages only available in SUSE Enterprise Linux Server LTSS\n' +
'repositories. Access to these package security updates require\n' +
'a paid SUSE LTSS subscription.\n';
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get() + ltss_plugin_caveat
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'ffmpeg-4 / ffmpeg-4-libavcodec-devel / ffmpeg-4-libavdevice-devel / etc');
}
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22656
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45221
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-47169
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-47282
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48368
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7055
www.nessus.org/u?5bcf0b34
bugzilla.suse.com/1226892
bugzilla.suse.com/1226897
bugzilla.suse.com/1226898
bugzilla.suse.com/1226899
bugzilla.suse.com/1226900
bugzilla.suse.com/1226901
bugzilla.suse.com/1229026
www.suse.com/security/cve/CVE-2023-22656
www.suse.com/security/cve/CVE-2023-45221
www.suse.com/security/cve/CVE-2023-47169
www.suse.com/security/cve/CVE-2023-47282
www.suse.com/security/cve/CVE-2023-48368
www.suse.com/security/cve/CVE-2024-7055
Related
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:3358-1)
2024-09-23 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:3309-1)
2024-09-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:3198-1)
2024-09-11 00:00:00
osv
osv
Security update for ffmpeg-4
2024-09-20 15:16:35
Security update for gstreamer-plugins-bad
2024-09-10 15:33:55
Security update for libmfx
2024-09-19 14:32:08
nessus
nessus
SUSE SLES12 Security Update : libmfx (SUSE-SU-2024:3309-1)
2024-09-19 00:00:00
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libmfx (SUSE-SU-2024:3339-1)
2024-09-20 00:00:00
Intel Media SDK Multiple Vulnerabilities (INTEL-SA-00935)
2024-05-24 00:00:00
debiancve
debiancve
cve
cve
cvelist
cvelist
nvd
nvd
vulnrichment
vulnrichment
ubuntucve
ubuntucve
CVE-2024-7055
2024-08-06 00:00:00
mageia
mageia
Updated ffmpeg packages fix security vulnerabilities
2024-09-09 22:00:01
slackware
slackware
[slackware-security] ffmpeg
2024-08-22 19:14:11
fedora
fedora
[SECURITY] Fedora 39 Update: chromium-127.0.6533.99-1.fc39
2024-08-12 04:59:43
[SECURITY] Fedora 40 Update: chromium-127.0.6533.99-1.fc40
2024-08-14 06:26:34
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
6.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CVSS4
6.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/SC:N/VI:L/SI:N/VA:L/SA:N
AI Score
7.9
Confidence
Low
Related for SUSE_SU-2024-3358-1.NASL