Lucene search
Copyright (C) 2024 Greenbone AGOPENVAS:1361412562310833728HistoryMar 04, 2024 - 12:00 a.m.
openSUSE: Security Advisory for the Linux Kernel RT (Live Patch 1 for SLE 15 SP5) (SUSE-SU-2023:3676-1)
2024-03-0400:00:00
Copyright (C) 2024 Greenbone AG
plugins.openvas.org
4
security advisory
linux kernel rt
sle 15 sp5
suse-su-2023:3676-1
cve-2023-2156
cve-2023-3090
cve-2023-35001
networking
rpl protocol
memory access
privilege escalation
out-of-bounds write
ipvlan network driver
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.9 High
AI Score
Confidence
High
0.013 Low
EPSS
Percentile
85.9%
The remote host is missing an update for the
# SPDX-FileCopyrightText: 2024 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.833728");
script_version("2024-05-16T05:05:35+0000");
script_cve_id("CVE-2023-2156", "CVE-2023-3090", "CVE-2023-35001");
script_tag(name:"cvss_base", value:"6.8");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:S/C:C/I:C/A:C");
script_tag(name:"last_modification", value:"2024-05-16 05:05:35 +0000 (Thu, 16 May 2024)");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2023-07-12 16:49:52 +0000 (Wed, 12 Jul 2023)");
script_tag(name:"creation_date", value:"2024-03-04 07:11:24 +0000 (Mon, 04 Mar 2024)");
script_name("openSUSE: Security Advisory for the Linux Kernel RT (Live Patch 1 for SLE 15 SP5) (SUSE-SU-2023:3676-1)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2024 Greenbone AG");
script_family("SuSE Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/suse", "ssh/login/rpms", re:"ssh/login/release=openSUSELeap15\.5");
script_xref(name:"Advisory-ID", value:"SUSE-SU-2023:3676-1");
script_xref(name:"URL", value:"https://lists.opensuse.org/archives/list/[email protected]/thread/MCT5E2Z7ALVACZASWKA2EUDHE7IFS2WT");
script_tag(name:"summary", value:"The remote host is missing an update for the 'the Linux Kernel RT (Live Patch 1 for SLE 15 SP5)'
package(s) announced via the SUSE-SU-2023:3676-1 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"This update for the Linux Kernel 5.14.21-150500_13_5 fixes several issues.
The following security issues were fixed:
* CVE-2023-2156: Fixed a flaw in the networking subsystem within the handling
of the RPL protocol (bsc#1211395).
* CVE-2023-35001: Fixed an out-of-bounds memory access flaw in nft_byteorder
that could allow a local attacker to escalate their privilege (bsc#1213063).
* CVE-2023-3090: Fixed a heap out-of-bounds write in the ipvlan network driver
(bsc#1212849).
##");
script_tag(name:"affected", value:"'the Linux Kernel RT (Live Patch 1 for SLE 15 SP5)' package(s) on openSUSE Leap 15.5.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "openSUSELeap15.5") {
if(!isnull(res = isrpmvuln(pkg:"kernel-livepatch-5_14_21-150500_13_5-rt-2", rpm:"kernel-livepatch-5_14_21-150500_13_5-rt-2~150500.2.1", rls:"openSUSELeap15.5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-livepatch-5_14_21-150500_13_5-rt-debuginfo-2", rpm:"kernel-livepatch-5_14_21-150500_13_5-rt-debuginfo-2~150500.2.1", rls:"openSUSELeap15.5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-livepatch-SLE15-SP5-RT_Update_1-debugsource-2", rpm:"kernel-livepatch-SLE15-SP5-RT_Update_1-debugsource-2~150500.2.1", rls:"openSUSELeap15.5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-livepatch-5_14_21-150500_13_5-rt-2", rpm:"kernel-livepatch-5_14_21-150500_13_5-rt-2~150500.2.1", rls:"openSUSELeap15.5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-livepatch-5_14_21-150500_13_5-rt-debuginfo-2", rpm:"kernel-livepatch-5_14_21-150500_13_5-rt-debuginfo-2~150500.2.1", rls:"openSUSELeap15.5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-livepatch-SLE15-SP5-RT_Update_1-debugsource-2", rpm:"kernel-livepatch-SLE15-SP5-RT_Update_1-debugsource-2~150500.2.1", rls:"openSUSELeap15.5"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);Related
nessus
nessus
openvas
openvas
debian
debian
[SECURITY] [DSA 5453-1] linux security update
2023-07-16 21:39:59
[SECURITY] [DLA 3512-1] linux-5.10 security update
2023-08-02 15:00:39
osv
osv
linux - security update
2023-07-16 00:00:00
linux-iot vulnerabilities
2023-07-28 13:46:00
ubuntu
ubuntu
Linux kernel (IoT) vulnerabilities
2023-07-28 00:00:00
Linux kernel vulnerabilities
2023-07-26 00:00:00
Linux kernel vulnerabilities
2023-07-25 00:00:00
redhat
redhat
(RHSA-2023:5548) Important: kpatch-patch security update
2023-10-10 09:32:30
(RHSA-2023:7243) Important: kernel security update
2023-11-15 17:04:41
(RHSA-2023:4828) Important: kpatch-patch security update
2023-08-29 07:41:00
zdi
zdi
prion
prion
Design/Logic Flaw
2023-05-09 22:15:00
Out-of-bounds
2023-07-05 19:15:00
Heap overflow
2023-06-28 20:15:00
debiancve
debiancve
redhatcve
redhatcve
ubuntucve
ubuntucve
cvelist
cvelist
CVE-2023-2156
2023-05-09 00:00:00
CVE-2023-3090 Out-of-bounds write in Linux kernel's ipvlan network driver
2023-06-28 19:06:41
CVE-2023-35001 Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability
2023-07-05 18:35:17
nvd
nvd
githubexploit
githubexploit
Exploit for Out-of-bounds Write in Linux Linux Kernel
2023-09-04 03:25:01
Exploit for Out-of-bounds Write in Linux Linux Kernel
2023-09-01 07:41:23
cbl_mariner
cbl_mariner
CVE-2023-3090 affecting package kernel 5.10.183.1-1
2023-07-28 23:16:55
CVE-2023-3090 affecting package kernel for versions less than 5.15.118.1-2
2023-08-10 16:37:57
cve
cve
f5
f5
K000137871 : Linux kernel vulnerability CVE-2023-35001
2023-12-12 00:00:00
oraclelinux
oraclelinux
kernel security, bug fix, and enhancement update
2023-09-21 00:00:00
kernel security and bug fix update
2023-10-11 00:00:00
ibm
ibm
fedora
fedora
[SECURITY] Fedora 38 Update: kernel-headers-6.4.4-200.fc38
2023-07-23 01:30:41
[SECURITY] Fedora 37 Update: kernel-headers-6.4.4-100.fc37
2023-07-23 01:25:12
[SECURITY] Fedora 37 Update: kernel-6.4.4-100.fc37
2023-07-23 01:25:12
amazon
amazon
Important: kernel
2023-07-17 17:39:00
Important: kernel
2023-07-13 23:57:00
rocky
rocky
kernel security, bug fix, and enhancement update
2023-10-06 22:19:15
kernel security, bug fix, and enhancement update
2023-09-26 13:26:05
almalinux
almalinux
Important: kernel security, bug fix, and enhancement update
2023-09-19 00:00:00
mageia
mageia
Updated kernel-linus packages fix security vulnerabilities
2023-07-27 01:07:49
Updated kernel packages fix security vulnerabilities
2023-07-19 22:53:31
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.9 High
AI Score
Confidence
High
0.013 Low
EPSS
Percentile
85.9%
Related for OPENVAS:1361412562310833728