Lucene search
Ubuntu Security Notice (C) 2022-2024 Canonical, Inc. / NASL script (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-5279-1.NASLHistoryFeb 09, 2022 - 12:00 a.m.
Ubuntu 20.04 LTS : util-linux vulnerabilities (USN-5279-1)
2022-02-0900:00:00
Ubuntu Security Notice (C) 2022-2024 Canonical, Inc. / NASL script (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
48
ubuntu 20.04 lts
util-linux
vulnerabilities
logic error
libmount library
unprivileged user
fuse filesystem
denial of service
cve-2021-3996
cve-2021-3995
nessus scanner
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AI Score
6.4
Confidence
High
EPSS
0
Percentile
5.1%
The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5279-1 advisory.
It was discovered that util-linux incorrectly handled unmounting FUSE filesystems. A local attacker could possibly use this issue to unmount FUSE filesystems belonging to other users.
Tenable has extracted the preceding description block directly from the Ubuntu security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 70300
##
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-5279-1. The text
# itself is copyright (C) Canonical, Inc. See
# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered
# trademark of Canonical, Inc.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(157843);
script_version("1.9");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/08/27");
script_cve_id("CVE-2021-3995", "CVE-2021-3996");
script_xref(name:"USN", value:"5279-1");
script_name(english:"Ubuntu 20.04 LTS : util-linux vulnerabilities (USN-5279-1)");
script_set_attribute(attribute:"synopsis", value:
"The remote Ubuntu host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in
the USN-5279-1 advisory.
It was discovered that util-linux incorrectly handled unmounting FUSE filesystems. A local attacker could
possibly use this issue to unmount FUSE filesystems belonging to other users.
Tenable has extracted the preceding description block directly from the Ubuntu security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/notices/USN-5279-1");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-3996");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2022/02/09");
script_set_attribute(attribute:"patch_publication_date", value:"2022/02/09");
script_set_attribute(attribute:"plugin_publication_date", value:"2022/02/09");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:20.04:-:lts");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:bsdutils");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:fdisk");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libblkid-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libblkid1");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libfdisk-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libfdisk1");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libmount-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libmount1");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libsmartcols-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libsmartcols1");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libuuid1");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:mount");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:rfkill");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:util-linux");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:util-linux-locales");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:uuid-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:uuid-runtime");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Ubuntu Local Security Checks");
script_copyright(english:"Ubuntu Security Notice (C) 2022-2024 Canonical, Inc. / NASL script (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
exit(0);
}
include('debian_package.inc');
if ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/Ubuntu/release');
if ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');
os_release = chomp(os_release);
if (! ('20.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 20.04', 'Ubuntu ' + os_release);
if ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);
var pkgs = [
{'osver': '20.04', 'pkgname': 'bsdutils', 'pkgver': '1:2.34-0.1ubuntu9.3'},
{'osver': '20.04', 'pkgname': 'fdisk', 'pkgver': '2.34-0.1ubuntu9.3'},
{'osver': '20.04', 'pkgname': 'libblkid-dev', 'pkgver': '2.34-0.1ubuntu9.3'},
{'osver': '20.04', 'pkgname': 'libblkid1', 'pkgver': '2.34-0.1ubuntu9.3'},
{'osver': '20.04', 'pkgname': 'libfdisk-dev', 'pkgver': '2.34-0.1ubuntu9.3'},
{'osver': '20.04', 'pkgname': 'libfdisk1', 'pkgver': '2.34-0.1ubuntu9.3'},
{'osver': '20.04', 'pkgname': 'libmount-dev', 'pkgver': '2.34-0.1ubuntu9.3'},
{'osver': '20.04', 'pkgname': 'libmount1', 'pkgver': '2.34-0.1ubuntu9.3'},
{'osver': '20.04', 'pkgname': 'libsmartcols-dev', 'pkgver': '2.34-0.1ubuntu9.3'},
{'osver': '20.04', 'pkgname': 'libsmartcols1', 'pkgver': '2.34-0.1ubuntu9.3'},
{'osver': '20.04', 'pkgname': 'libuuid1', 'pkgver': '2.34-0.1ubuntu9.3'},
{'osver': '20.04', 'pkgname': 'mount', 'pkgver': '2.34-0.1ubuntu9.3'},
{'osver': '20.04', 'pkgname': 'rfkill', 'pkgver': '2.34-0.1ubuntu9.3'},
{'osver': '20.04', 'pkgname': 'util-linux', 'pkgver': '2.34-0.1ubuntu9.3'},
{'osver': '20.04', 'pkgname': 'util-linux-locales', 'pkgver': '2.34-0.1ubuntu9.3'},
{'osver': '20.04', 'pkgname': 'uuid-dev', 'pkgver': '2.34-0.1ubuntu9.3'},
{'osver': '20.04', 'pkgname': 'uuid-runtime', 'pkgver': '2.34-0.1ubuntu9.3'}
];
var flag = 0;
foreach var package_array ( pkgs ) {
var osver = NULL;
var pkgname = NULL;
var pkgver = NULL;
if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];
if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];
if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];
if (osver && pkgname && pkgver) {
if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;
}
}
if (flag)
{
var extra = '';
extra += ubuntu_report_get();
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : extra
);
exit(0);
}
else
{
var tested = ubuntu_pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bsdutils / fdisk / libblkid-dev / libblkid1 / libfdisk-dev / etc');
}
Related
openvas
openvas
openSUSE: Security Advisory for libeconf, (openSUSE-SU-2022:0727-1)
2022-03-05 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:0727-1)
2022-03-05 00:00:00
Huawei EulerOS: Security Advisory for util-linux (EulerOS-SA-2022-1654)
2022-05-09 00:00:00
nessus
nessus
SUSE SLED15 / SLES15 Security Update : libeconf, shadow and util-linux (SUSE-SU-2022:0727-1)
2022-03-05 00:00:00
Amazon Linux 2022 : (ALAS2022-2022-086)
2022-09-06 00:00:00
EulerOS 2.0 SP10 : util-linux (EulerOS-SA-2022-1668)
2022-05-06 00:00:00
fedora
fedora
[SECURITY] Fedora 35 Update: util-linux-2.37.3-1.fc35
2022-02-05 01:22:21
suse
suse
Security update for libeconf, shadow and util-linux (moderate)
2022-03-04 00:00:00
osv
osv
util-linux vulnerabilities
2022-02-09 13:26:34
util-linux - security update
2022-01-24 00:00:00
libblkid-devel-2.37.3-1.1 on GA media
2024-06-15 00:00:00
ubuntu
ubuntu
util-linux vulnerabilities
2022-02-09 00:00:00
redos
redos
ROS-20220128-03
2022-01-28 00:00:00
debian
debian
[SECURITY] [DSA 5055-1] util-linux security update
2022-01-24 11:31:30
photon
photon
Important Photon OS Security Update - PHSA-2022-0147
2022-01-27 00:00:00
Important Photon OS Security Update - PHSA-2022-4.0-0147
2022-01-27 00:00:00
gentoo
gentoo
util-linux: Multiple Vulnerabilities
2024-01-07 00:00:00
mageia
mageia
Updated util-linux packages fix security vulnerability
2022-02-22 23:15:16
alpinelinux
alpinelinux
CVE-2021-3995
2022-08-23 20:15:08
CVE-2021-3996
2022-08-23 20:15:08
cbl_mariner
cbl_mariner
CVE-2021-3995 affecting package util-linux 2.32.1-7
2024-10-01 09:12:07
CVE-2021-3996 affecting package util-linux 2.32.1-7
2024-10-01 09:12:07
ubuntucve
ubuntucve
CVE-2021-3996
2022-02-01 00:00:00
CVE-2021-3995
2022-02-01 00:00:00
cvelist
cvelist
CVE-2021-3995
2022-08-23 00:00:00
CVE-2021-3996
2022-08-23 00:00:00
debiancve
debiancve
CVE-2021-3995
2022-08-23 20:15:08
CVE-2021-3996
2022-08-23 20:15:08
veracode
veracode
Denial Of Service (DoS)
2022-01-26 14:30:52
Denial Of Service (DoS)
2022-01-26 14:30:50
cve
cve
CVE-2021-3996
2022-08-23 20:15:08
CVE-2021-3995
2022-08-23 20:15:08
nvd
nvd
CVE-2021-3995
2022-08-23 20:15:08
CVE-2021-3996
2022-08-23 20:15:08
prion
prion
Design/Logic Flaw
2022-08-23 20:15:00
Design/Logic Flaw
2022-08-23 20:15:00
redhatcve
redhatcve
CVE-2021-3996
2022-01-24 12:42:16
CVE-2021-3995
2022-01-24 12:39:50
zdt
zdt
packetstorm
packetstorm
snap-confine must_mkdir_and_open_with_perms() Race Condition
2022-12-09 00:00:00
qualysblog
qualysblog
thn
thn
New Linux Privilege Escalation Flaw Uncovered in Snap Package Manager
2022-02-18 08:37:00
avleonov
avleonov
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AI Score
6.4
Confidence
High
EPSS
0
Percentile
5.1%
Related for UBUNTU_USN-5279-1.NASL