Lucene search
Copyright (C) 2023 Greenbone AGOPENVAS:136141256231113202332501HistoryNov 22, 2023 - 12:00 a.m.
Slackware: Security Advisory (SSA:2023-325-01)
2023-11-2200:00:00
Copyright (C) 2023 Greenbone AG
plugins.openvas.org
6
slackware
security advisory
greenbone ag
cve-2022-40982
cve-2022-45886
cve-2022-45887
cve-2023-1206
cve-2023-20569
cve-2023-2124
cvss
nvd
9.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
8.5 High
AI Score
Confidence
High
0.024 Low
EPSS
Percentile
90.1%
The remote host is missing an update for the
# SPDX-FileCopyrightText: 2023 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.1.13.2023.325.01");
script_cve_id("CVE-2022-40982", "CVE-2022-45886", "CVE-2022-45887", "CVE-2022-45919", "CVE-2022-48502", "CVE-2023-1206", "CVE-2023-20569", "CVE-2023-20588", "CVE-2023-20593", "CVE-2023-2124", "CVE-2023-2898", "CVE-2023-31085", "CVE-2023-3117", "CVE-2023-31248", "CVE-2023-3212", "CVE-2023-3338", "CVE-2023-3390", "CVE-2023-34255", "CVE-2023-34324", "CVE-2023-35001", "CVE-2023-35788", "CVE-2023-35827", "CVE-2023-3609", "CVE-2023-3610", "CVE-2023-3611", "CVE-2023-3772", "CVE-2023-3776", "CVE-2023-3777", "CVE-2023-38432", "CVE-2023-3863", "CVE-2023-3865", "CVE-2023-3866", "CVE-2023-39189", "CVE-2023-39192", "CVE-2023-39193", "CVE-2023-39194", "CVE-2023-4004", "CVE-2023-4015", "CVE-2023-40283", "CVE-2023-4128", "CVE-2023-4132", "CVE-2023-4147", "CVE-2023-4206", "CVE-2023-4207", "CVE-2023-4208", "CVE-2023-4244", "CVE-2023-4273", "CVE-2023-42752", "CVE-2023-42753", "CVE-2023-42754", "CVE-2023-42755", "CVE-2023-44466", "CVE-2023-4563", "CVE-2023-4569", "CVE-2023-45871", "CVE-2023-4623", "CVE-2023-46813", "CVE-2023-4881", "CVE-2023-4921", "CVE-2023-5158", "CVE-2023-5178", "CVE-2023-5197", "CVE-2023-5717");
script_tag(name:"creation_date", value:"2023-11-22 04:19:47 +0000 (Wed, 22 Nov 2023)");
script_version("2024-06-19T05:05:42+0000");
script_tag(name:"last_modification", value:"2024-06-19 05:05:42 +0000 (Wed, 19 Jun 2024)");
script_tag(name:"cvss_base", value:"9.4");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:N/A:C");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2023-07-27 16:02:08 +0000 (Thu, 27 Jul 2023)");
script_name("Slackware: Security Advisory (SSA:2023-325-01)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2023 Greenbone AG");
script_family("Slackware Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/slackware_linux", "ssh/login/slackpack", re:"ssh/login/release=SLK15\.0");
script_xref(name:"Advisory-ID", value:"SSA:2023-325-01");
script_xref(name:"URL", value:"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.892863");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2022-40982");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2022-45886");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2022-45887");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2022-45919");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2022-48502");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-1206");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-20569");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-20588");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-20593");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-2124");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-2898");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-3117");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-31248");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-3212");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-3338");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-3390");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-34255");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-35001");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-35788");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-3609");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-3610");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-3611");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-3772");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-3776");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-3777");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-38432");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-3863");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-3865");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-3866");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-39194");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-4004");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-4015");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-40283");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-4128");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-4132");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-4147");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-4206");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-4207");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-4208");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-4273");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-44466");
script_xref(name:"URL", value:"https://www.cve.org/CVERecord?id=CVE-2023-4569");
script_tag(name:"summary", value:"The remote host is missing an update for the 'kernel' package(s) announced via the SSA:2023-325-01 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"New kernel packages are available for Slackware 15.0 to fix security issues.
Here are the details from the Slackware 15.0 ChangeLog:
+--------------------------+
patches/packages/linux-5.15.139/*: Upgraded.
These updates fix various bugs and security issues.
Be sure to upgrade your initrd after upgrading the kernel packages.
If you use lilo to boot your machine, be sure lilo.conf points to the correct
kernel and initrd and run lilo as root to update the bootloader.
If you use elilo to boot your machine, you should run eliloconfig to copy the
kernel and initrd to the EFI System Partition.
For more information, see:
Fixed in 5.15.116:
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
Fixed in 5.15.117:
[link moved to references]
[link moved to references]
Fixed in 5.15.118:
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
Fixed in 5.15.119:
[link moved to references]
Fixed in 5.15.121:
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
Fixed in 5.15.122:
[link moved to references]
Fixed in 5.15.123:
[link moved to references]
[link moved to references]
Fixed in 5.15.124:
[link moved to references]
[link moved to references]
[link moved to references]
Fixed in 5.15.125:
[link moved to references]
[link moved to references]
Fixed in 5.15.126:
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
Fixed in 5.15.128:
[link moved to references]
[link moved to references]
[link moved to references]
[link moved to references]
Fixed in 5.15.132:
... [Please see the references for more information on the vulnerabilities]");
script_tag(name:"affected", value:"'kernel' package(s) on Slackware 15.0.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-slack.inc");
release = slk_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "SLK15.0") {
if(!isnull(res = isslkpkgvuln(pkg:"kernel-generic", ver:"5.15.139-i586-1", rls:"SLK15.0"))) {
report += res;
}
if(!isnull(res = isslkpkgvuln(pkg:"kernel-generic", ver:"5.15.139-x86_64-1", rls:"SLK15.0"))) {
report += res;
}
if(!isnull(res = isslkpkgvuln(pkg:"kernel-generic-smp", ver:"5.15.139_smp-i686-1", rls:"SLK15.0"))) {
report += res;
}
if(!isnull(res = isslkpkgvuln(pkg:"kernel-headers", ver:"5.15.139-x86-1", rls:"SLK15.0"))) {
report += res;
}
if(!isnull(res = isslkpkgvuln(pkg:"kernel-headers", ver:"5.15.139_smp-x86-1", rls:"SLK15.0"))) {
report += res;
}
if(!isnull(res = isslkpkgvuln(pkg:"kernel-huge", ver:"5.15.139-i586-1", rls:"SLK15.0"))) {
report += res;
}
if(!isnull(res = isslkpkgvuln(pkg:"kernel-huge", ver:"5.15.139-x86_64-1", rls:"SLK15.0"))) {
report += res;
}
if(!isnull(res = isslkpkgvuln(pkg:"kernel-huge-smp", ver:"5.15.139_smp-i686-1", rls:"SLK15.0"))) {
report += res;
}
if(!isnull(res = isslkpkgvuln(pkg:"kernel-modules", ver:"5.15.139-i586-1", rls:"SLK15.0"))) {
report += res;
}
if(!isnull(res = isslkpkgvuln(pkg:"kernel-modules", ver:"5.15.139-x86_64-1", rls:"SLK15.0"))) {
report += res;
}
if(!isnull(res = isslkpkgvuln(pkg:"kernel-modules-smp", ver:"5.15.139_smp-i686-1", rls:"SLK15.0"))) {
report += res;
}
if(!isnull(res = isslkpkgvuln(pkg:"kernel-source", ver:"5.15.139-noarch-1", rls:"SLK15.0"))) {
report += res;
}
if(!isnull(res = isslkpkgvuln(pkg:"kernel-source", ver:"5.15.139_smp-noarch-1", rls:"SLK15.0"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
References
www.slackware.com/security/viewer.php?l=slackware-security&y=2023&m=slackware-security.892863
www.cve.org/CVERecord?id=CVE-2022-40982
www.cve.org/CVERecord?id=CVE-2022-45886
www.cve.org/CVERecord?id=CVE-2022-45887
www.cve.org/CVERecord?id=CVE-2022-45919
www.cve.org/CVERecord?id=CVE-2022-48502
www.cve.org/CVERecord?id=CVE-2023-1206
www.cve.org/CVERecord?id=CVE-2023-20569
www.cve.org/CVERecord?id=CVE-2023-20588
www.cve.org/CVERecord?id=CVE-2023-20593
www.cve.org/CVERecord?id=CVE-2023-2124
www.cve.org/CVERecord?id=CVE-2023-2898
www.cve.org/CVERecord?id=CVE-2023-3117
www.cve.org/CVERecord?id=CVE-2023-31248
www.cve.org/CVERecord?id=CVE-2023-3212
www.cve.org/CVERecord?id=CVE-2023-3338
www.cve.org/CVERecord?id=CVE-2023-3390
www.cve.org/CVERecord?id=CVE-2023-34255
www.cve.org/CVERecord?id=CVE-2023-35001
www.cve.org/CVERecord?id=CVE-2023-35788
www.cve.org/CVERecord?id=CVE-2023-3609
www.cve.org/CVERecord?id=CVE-2023-3610
www.cve.org/CVERecord?id=CVE-2023-3611
www.cve.org/CVERecord?id=CVE-2023-3772
www.cve.org/CVERecord?id=CVE-2023-3776
www.cve.org/CVERecord?id=CVE-2023-3777
www.cve.org/CVERecord?id=CVE-2023-38432
www.cve.org/CVERecord?id=CVE-2023-3863
www.cve.org/CVERecord?id=CVE-2023-3865
www.cve.org/CVERecord?id=CVE-2023-3866
www.cve.org/CVERecord?id=CVE-2023-39194
www.cve.org/CVERecord?id=CVE-2023-4004
www.cve.org/CVERecord?id=CVE-2023-4015
www.cve.org/CVERecord?id=CVE-2023-40283
www.cve.org/CVERecord?id=CVE-2023-4128
www.cve.org/CVERecord?id=CVE-2023-4132
www.cve.org/CVERecord?id=CVE-2023-4147
www.cve.org/CVERecord?id=CVE-2023-4206
www.cve.org/CVERecord?id=CVE-2023-4207
www.cve.org/CVERecord?id=CVE-2023-4208
www.cve.org/CVERecord?id=CVE-2023-4273
www.cve.org/CVERecord?id=CVE-2023-44466
www.cve.org/CVERecord?id=CVE-2023-4569
SSA:2023-325-01
Related
nessus
nessus
Amazon Linux AMI : kernel (ALAS-2023-1838)
2023-10-06 00:00:00
EulerOS 2.0 SP11 : kernel (EulerOS-SA-2023-3247)
2024-01-16 00:00:00
slackware
slackware
[slackware-security] Slackware 15.0 kernel
2023-11-21 21:37:49
amazon
amazon
Important: kernel
2023-09-27 22:15:00
Important: kernel
2023-09-27 22:48:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2023-12-05 00:00:00
Linux kernel (Intel IoTG) vulnerabilities
2023-10-19 00:00:00
Linux kernel vulnerabilities
2023-11-21 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-6445-2)
2023-10-25 00:00:00
Ubuntu: Security Advisory (USN-6494-1)
2023-11-22 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-3275)
2023-12-12 00:00:00
osv
osv
linux, linux-aws, linux-aws-hwe, linux-hwe, linux-kvm, linux-oracle vulnerabilities
2023-11-21 14:55:09
linux, linux-aws, linux-aws-6.2, linux-azure, linux-hwe-6.2, linux-ibm, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-6.2, linux-raspi vulnerabilities
2023-08-29 21:35:56
linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities
2023-12-05 21:13:46
redhat
redhat
(RHSA-2023:5093) Important: kpatch-patch security update
2023-09-12 07:46:19
(RHSA-2023:5069) Important: kernel security, bug fix, and enhancement update
2023-09-12 07:41:41
(RHSA-2023:7558) Important: kpatch-patch security update
2023-11-28 18:38:37
debian
debian
[SECURITY] [DSA 5492-1] linux security update
2023-09-09 21:40:04
[SECURITY] [DLA 3710-1] linux security update
2024-01-11 18:20:04
oraclelinux
oraclelinux
kernel security update
2023-11-22 00:00:00
centos
centos
bpftool, kernel, perf, python security update
2024-01-12 19:36:38
almalinux
almalinux
Important: kernel security, bug fix, and enhancement update
2023-09-12 00:00:00
Important: kernel-rt security and bug fix update
2023-09-12 00:00:00
ibm
ibm
photon
photon
Important Photon OS Security Update - PHSA-2023-3.0-0656
2023-09-27 00:00:00
9.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
8.5 High
AI Score
Confidence
High
0.024 Low
EPSS
Percentile
90.1%
Related for OPENVAS:136141256231113202332501