7.1 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
8.4 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
The remote host is missing an update for the Huawei EulerOS
# SPDX-FileCopyrightText: 2023 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.1.2.2023.1595");
script_cve_id("CVE-2022-3775");
script_tag(name:"creation_date", value:"2023-04-13 04:14:01 +0000 (Thu, 13 Apr 2023)");
script_version("2024-02-05T14:36:57+0000");
script_tag(name:"last_modification", value:"2024-02-05 14:36:57 +0000 (Mon, 05 Feb 2024)");
script_tag(name:"cvss_base", value:"6.2");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:S/C:N/I:C/A:C");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2022-12-28 20:30:29 +0000 (Wed, 28 Dec 2022)");
script_name("Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2023-1595)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2023 Greenbone AG");
script_family("Huawei EulerOS Local Security Checks");
script_dependencies("gb_huawei_euleros_consolidation.nasl");
script_mandatory_keys("ssh/login/euleros", "ssh/login/rpms", re:"ssh/login/release=EULEROS\-2\.0SP8");
script_xref(name:"Advisory-ID", value:"EulerOS-SA-2023-1595");
script_xref(name:"URL", value:"https://developer.huaweicloud.com/intl/en-us/euleros/securitydetail.html?secId=EulerOS-SA-2023-1595");
script_tag(name:"summary", value:"The remote host is missing an update for the Huawei EulerOS 'grub2' package(s) announced via the EulerOS-SA-2023-1595 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"When rendering certain unicode sequences, grub2's font code doesn't proper validate if the informed glyph's width and height is constrained within bitmap size. As consequence an attacker can craft an input which will lead to a out-of-bounds write into grub2's heap, leading to memory corruption and availability issues. Although complex, arbitrary code execution could not be discarded.(CVE-2022-3775)");
script_tag(name:"affected", value:"'grub2' package(s) on Huawei EulerOS V2.0SP8.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "EULEROS-2.0SP8") {
if(!isnull(res = isrpmvuln(pkg:"grub2-common", rpm:"grub2-common~2.02~62.h40.eulerosv2r8", rls:"EULEROS-2.0SP8"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"grub2-efi-aa64", rpm:"grub2-efi-aa64~2.02~62.h40.eulerosv2r8", rls:"EULEROS-2.0SP8"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"grub2-efi-aa64-cdboot", rpm:"grub2-efi-aa64-cdboot~2.02~62.h40.eulerosv2r8", rls:"EULEROS-2.0SP8"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"grub2-efi-aa64-modules", rpm:"grub2-efi-aa64-modules~2.02~62.h40.eulerosv2r8", rls:"EULEROS-2.0SP8"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"grub2-tools", rpm:"grub2-tools~2.02~62.h40.eulerosv2r8", rls:"EULEROS-2.0SP8"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"grub2-tools-extra", rpm:"grub2-tools-extra~2.02~62.h40.eulerosv2r8", rls:"EULEROS-2.0SP8"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"grub2-tools-minimal", rpm:"grub2-tools-minimal~2.02~62.h40.eulerosv2r8", rls:"EULEROS-2.0SP8"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
7.1 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
8.4 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%