DATABASE RESOURCES PRICING ABOUT US

{"id": "CVE-2021-4115", "vendorId": null, "type": "cve", "bulletinFamily": "NVD", "title": "CVE-2021-4115", "description": "There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being spawned", "published": "2022-02-21T22:15:00", "modified": "2023-06-12T07:16:00", "epss": [{"cve": "CVE-2021-4115", "epss": 0.00045, "percentile": 0.12521, "modified": "2023-06-19"}], "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "accessVector": "LOCAL", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.1}, "severity": "LOW", "exploitabilityScore": 3.9, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM"}, "exploitabilityScore": 1.8, "impactScore": 3.6}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-4115", "reporter": "secalert@redhat.com", "references": ["https://access.redhat.com/security/cve/cve-2021-4115", "https://gitlab.com/redhat/centos-stream/rpms/polkit/-/merge_requests/6/diffs?commit_id=bf900df04dc390d389e59aa10942b0f2b15c531e", "https://gitlab.freedesktop.org/polkit/polkit/-/issues/141", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VGKWCBS6IDZYYDYM2WIWJM5BL7QQTWPF/", "https://www.oracle.com/security-alerts/cpujul2022.html", "http://packetstormsecurity.com/files/172849/polkit-File-Descriptor-Exhaustion.html"], "cvelist": ["CVE-2021-4115"], "immutableFields": [], "lastseen": "2023-06-19T14:51:40", "viewCount": 238, "enchantments": {"backreferences": {"references": [{"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-4115"]}, {"type": "fedora", "idList": ["FEDORA:F11B9312BA8F"]}, {"type": "nessus", "idList": ["OPENSUSE-2022-0525-1.NASL", "SUSE_SU-2022-0524-1.NASL", "SUSE_SU-2022-0525-1.NASL", "UBUNTU_USN-5304-1.NASL"]}, {"type": "photon", "idList": ["PHSA-2022-0154", "PHSA-2022-0362", "PHSA-2022-0440", "PHSA-2022-0470"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-4115"]}, {"type": "slackware", "idList": ["SSA-2022-071-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2022:0525-1"]}, {"type": "ubuntu", "idList": ["USN-5304-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-4115"]}]}, "score": {"value": 1.3, "vector": "NONE"}, "dependencies": {"references": [{"type": "almalinux", "idList": ["ALSA-2022:1546"]}, {"type": "altlinux", "idList": ["28340433AB5B58C94A1D269C71CEDAF6"]}, {"type": "archlinux", "idList": ["ASA-202204-2"]}, {"type": "avleonov", "idList": ["AVLEONOV:317FBD7DA93C95993A9FFF38FB04A987"]}, {"type": "broadcom", "idList": ["BSA-2022-2011"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-4115"]}, {"type": "fedora", "idList": ["FEDORA:8558B30C122C", "FEDORA:F11B9312BA8F"]}, {"type": "mageia", "idList": ["MGASA-2022-0080"]}, {"type": "nessus", "idList": ["AL2022_ALAS2022-2022-097.NASL", "AL2022_ALAS2022-2022-102.NASL", "AL2022_ALAS2022-2022-220.NASL", "AL2023_ALAS2023-2023-026.NASL", "EULEROS_SA-2022-1580.NASL", "EULEROS_SA-2022-1796.NASL", "EULEROS_SA-2022-1813.NASL", "EULEROS_SA-2022-1850.NASL", "EULEROS_SA-2022-1874.NASL", "EULEROS_SA-2022-2033.NASL", "EULEROS_SA-2022-2061.NASL", "EULEROS_SA-2022-2187.NASL", "EULEROS_SA-2022-2206.NASL", "EULEROS_SA-2022-2583.NASL", "OPENSUSE-2022-0525-1.NASL", "ORACLELINUX_ELSA-2022-1546.NASL", "REDHAT-RHSA-2022-1546.NASL", "ROCKY_LINUX_RLSA-2022-1546.NASL", "SLACKWARE_SSA_2022-071-01.NASL", "SUSE_SU-2022-0524-1.NASL", "SUSE_SU-2022-0525-1.NASL", "SUSE_SU-2022-0525-2.NASL", "UBUNTU_USN-5304-1.NASL"]}, {"type": "oracle", "idList": ["ORACLE:CPUJUL2022"]}, {"type": "oraclelinux", "idList": ["ELSA-2022-1546"]}, {"type": "photon", "idList": ["PHSA-2022-0154", "PHSA-2022-0362", "PHSA-2022-0440", "PHSA-2022-0470", "PHSA-2022-3.0-0362", "PHSA-2022-4.0-0154"]}, {"type": "redhat", "idList": ["RHSA-2022:1546", "RHSA-2022:1681", "RHSA-2022:1715", "RHSA-2022:5069", "RHSA-2022:6526"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-4115"]}, {"type": "redos", "idList": ["ROS-20220318-03"]}, {"type": "rocky", "idList": ["RLSA-2022:1546"]}, {"type": "slackware", "idList": ["SSA-2022-071-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2022:0525-1"]}, {"type": "ubuntu", "idList": ["USN-5304-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-4115"]}, {"type": "veracode", "idList": ["VERACODE:34333"]}]}, "twitter": {"counter": 2, "tweets": [{"link": "https://twitter.com/threatintelctr/status/1556802978601910275", "text": " NEW: CVE-2021-4115 There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availabil... (click for more) Severity: MEDIUM https://t.co/OhNaUOpbjx", "author": "threatintelctr", "author_photo": "https://pbs.twimg.com/profile_images/904224973987840000/dMy1x9Ho_400x400.jpg"}]}, "affected_software": {"major_version": [{"name": "polkit project polkit", "version": 0}, {"name": "redhat enterprise linux", "version": 8}, {"name": "fedoraproject fedora", "version": 34}, {"name": "fedoraproject fedora", "version": 35}, {"name": "canonical ubuntu linux", "version": 20}, {"name": "canonical ubuntu linux", "version": 21}, {"name": "debian debian linux", "version": 11}, {"name": "oracle zfs storage appliance kit", "version": 8}]}, "epss": [{"cve": "CVE-2021-4115", "epss": 0.00043, "percentile": 0.07839, "modified": "2023-05-02"}], "vulnersScore": 1.3}, "_state": {"dependencies": 1687190819, "score": 1687186364, "twitter": 0, "affected_software_major_version": 0, "epss": 0}, "_internal": {"score_hash": "79bc24d501699d84de4b284b53bccf56"}, "cna_cvss": {"cna": null, "cvss": {}}, "cpe": ["cpe:/o:debian:debian_linux:11.0", "cpe:/a:oracle:zfs_storage_appliance_kit:8.8", "cpe:/a:polkit_project:polkit:0.117", "cpe:/o:redhat:enterprise_linux:8.0", "cpe:/o:fedoraproject:fedora:34", "cpe:/o:canonical:ubuntu_linux:21.10", "cpe:/o:fedoraproject:fedora:35", "cpe:/o:canonical:ubuntu_linux:20.04"], "cpe23": ["cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "cpe:2.3:a:polkit_project:polkit:0.117:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:21.10:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*"], "cwe": ["NVD-CWE-Other"], "affectedSoftware": [{"cpeName": "polkit_project:polkit", "version": "0.117", "operator": "eq", "name": "polkit project polkit"}, {"cpeName": "redhat:enterprise_linux", "version": "8.0", "operator": "eq", "name": "redhat enterprise linux"}, {"cpeName": "fedoraproject:fedora", "version": "34", "operator": "eq", "name": "fedoraproject fedora"}, {"cpeName": "fedoraproject:fedora", "version": "35", "operator": "eq", "name": "fedoraproject fedora"}, {"cpeName": "canonical:ubuntu_linux", "version": "20.04", "operator": "eq", "name": "canonical ubuntu linux"}, {"cpeName": "canonical:ubuntu_linux", "version": "21.10", "operator": "eq", "name": "canonical ubuntu linux"}, {"cpeName": "debian:debian_linux", "version": "11.0", "operator": "eq", "name": "debian debian linux"}, {"cpeName": "oracle:zfs_storage_appliance_kit", "version": "8.8", "operator": "eq", "name": "oracle zfs storage appliance kit"}], "affectedConfiguration": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:a:polkit_project:polkit:0.117:*:*:*:*:*:*:*", "cpe_name": []}]}, {"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "cpe_name": []}]}, {"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "cpe_name": []}]}, {"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:21.10:*:*:*:*:*:*:*", "cpe_name": []}]}, {"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "cpe_name": []}]}, {"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*", "cpe_name": []}]}]}, "extraReferences": [{"url": "https://access.redhat.com/security/cve/cve-2021-4115", "name": "https://access.redhat.com/security/cve/cve-2021-4115", "refsource": "MISC", "tags": ["Third Party Advisory"]}, {"url": "https://gitlab.com/redhat/centos-stream/rpms/polkit/-/merge_requests/6/diffs?commit_id=bf900df04dc390d389e59aa10942b0f2b15c531e", "name": "https://gitlab.com/redhat/centos-stream/rpms/polkit/-/merge_requests/6/diffs?commit_id=bf900df04dc390d389e59aa10942b0f2b15c531e", "refsource": "MISC", "tags": ["Patch", "Third Party Advisory"]}, {"url": "https://gitlab.freedesktop.org/polkit/polkit/-/issues/141", "name": "https://gitlab.freedesktop.org/polkit/polkit/-/issues/141", "refsource": "MISC", "tags": ["Exploit", "Issue Tracking", "Patch", "Third Party Advisory"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VGKWCBS6IDZYYDYM2WIWJM5BL7QQTWPF/", "name": "FEDORA-2022-5e6d5fe680", "refsource": "FEDORA", "tags": ["Mailing List", "Third Party Advisory"]}, {"url": "https://www.oracle.com/security-alerts/cpujul2022.html", "name": "N/A", "refsource": "N/A", "tags": ["Patch", "Third Party Advisory"]}, {"url": "http://packetstormsecurity.com/files/172849/polkit-File-Descriptor-Exhaustion.html", "name": "http://packetstormsecurity.com/files/172849/polkit-File-Descriptor-Exhaustion.html", "refsource": "MISC", "tags": []}], "product_info": [{"vendor": "Canonical", "product": "Ubuntu_linux"}, {"vendor": "Debian", "product": "Debian_linux"}, {"vendor": "Polkit_project", "product": "Polkit"}, {"vendor": "Fedoraproject", "product": "Fedora"}, {"vendor": "Redhat", "product": "Enterprise_linux"}, {"vendor": "Oracle", "product": "Zfs_storage_appliance_kit"}], "solutions": [], "workarounds": [], "impacts": [], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-400", "cweId": "CWE-400"}]}], "exploits": [], "assigned": "1976-01-01T00:00:00"}

{"fedora": [{"lastseen": "2023-06-19T15:36:06", "description": "polkit is a toolkit for defining and handling authorizations. It is used for allowing unprivileged processes to speak to privileged processes. ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-02-19T01:32:59", "type": "fedora", "title": "[SECURITY] Fedora 35 Update: polkit-0.120-1.fc35.2", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4115"], "modified": "2022-02-19T01:32:59", "id": "FEDORA:F11B9312BA8F", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/KLISGPPFV5UH2W72SRUBNVWZWI7CWAAY/", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-19T15:36:06", "description": "polkit is a toolkit for defining and handling authorizations. It is used for allowing unprivileged processes to speak to privileged processes. ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-03-03T15:50:59", "type": "fedora", "title": "[SECURITY] Fedora 34 Update: polkit-0.117-3.fc34.3", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4115"], "modified": "2022-03-03T15:50:59", "id": "FEDORA:8558B30C122C", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/VGKWCBS6IDZYYDYM2WIWJM5BL7QQTWPF/", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}], "broadcom": [{"lastseen": "2022-08-31T15:57:31", "description": "There is a flaw **in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being spawned", "cvss3": {}, "published": "2022-07-29T00:00:00", "type": "broadcom", "title": "Flaw in polkit", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2021-4115"], "modified": "2022-07-29T00:00:00", "id": "BSA-2022-2011", "href": "https://www.broadcom.com//support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2011", "cvss": {"score": "5.5", "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}}], "nessus": [{"lastseen": "2023-05-17T16:33:20", "description": "According to the versions of the polkit packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being spawned (CVE-2021-4115)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-07-29T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.9.1 : polkit (EulerOS-SA-2022-2187)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4115"], "modified": "2022-07-29T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:polkit", "p-cpe:/a:huawei:euleros:polkit-libs", "cpe:/o:huawei:euleros:uvp:2.9.1"], "id": "EULEROS_SA-2022-2187.NASL", "href": "https://www.tenable.com/plugins/nessus/163615", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163615);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/07/29\");\n\n script_cve_id(\"CVE-2021-4115\");\n\n script_name(english:\"EulerOS Virtualization 2.9.1 : polkit (EulerOS-SA-2022-2187)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the polkit packages installed, the EulerOS Virtualization installation on the remote host\nis affected by the following vulnerabilities :\n\n - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process\n file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit\n process outage duration is tied to the failing process being reaped and a new one being spawned\n (CVE-2021-4115)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2187\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?288e909f\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected polkit packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4115\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:polkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:polkit-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.9.1\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.9.1\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.9.1\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"polkit-0.116-5.h8.eulerosv2r9\",\n \"polkit-libs-0.116-5.h8.eulerosv2r9\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"polkit\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-12T14:36:37", "description": "The remote Ubuntu 20.04 LTS / 21.10 host has packages installed that are affected by a vulnerability as referenced in the USN-5304-1 advisory.\n\n - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being spawned (CVE-2021-4115)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-02-28T00:00:00", "type": "nessus", "title": "Ubuntu 20.04 LTS / 21.10 : PolicyKit vulnerability (USN-5304-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4115"], "modified": "2023-07-10T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "cpe:/o:canonical:ubuntu_linux:21.10", "p-cpe:/a:canonical:ubuntu_linux:gir1.2-polkit-1.0", "p-cpe:/a:canonical:ubuntu_linux:libpolkit-agent-1-0", "p-cpe:/a:canonical:ubuntu_linux:libpolkit-agent-1-dev", "p-cpe:/a:canonical:ubuntu_linux:libpolkit-gobject-1-0", "p-cpe:/a:canonical:ubuntu_linux:libpolkit-gobject-1-dev", "p-cpe:/a:canonical:ubuntu_linux:policykit-1"], "id": "UBUNTU_USN-5304-1.NASL", "href": "https://www.tenable.com/plugins/nessus/158455", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5304-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158455);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/10\");\n\n script_cve_id(\"CVE-2021-4115\");\n script_xref(name:\"USN\", value:\"5304-1\");\n\n script_name(english:\"Ubuntu 20.04 LTS / 21.10 : PolicyKit vulnerability (USN-5304-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 20.04 LTS / 21.10 host has packages installed that are affected by a vulnerability as referenced in\nthe USN-5304-1 advisory.\n\n - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process\n file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit\n process outage duration is tied to the failing process being reaped and a new one being spawned\n (CVE-2021-4115)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5304-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4115\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:21.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gir1.2-polkit-1.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpolkit-agent-1-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpolkit-agent-1-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpolkit-gobject-1-0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpolkit-gobject-1-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:policykit-1\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2022-2023 Canonical, Inc. / NASL script (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! ('20.04' >< os_release || '21.10' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 20.04 / 21.10', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar pkgs = [\n {'osver': '20.04', 'pkgname': 'gir1.2-polkit-1.0', 'pkgver': '0.105-26ubuntu1.3'},\n {'osver': '20.04', 'pkgname': 'libpolkit-agent-1-0', 'pkgver': '0.105-26ubuntu1.3'},\n {'osver': '20.04', 'pkgname': 'libpolkit-agent-1-dev', 'pkgver': '0.105-26ubuntu1.3'},\n {'osver': '20.04', 'pkgname': 'libpolkit-gobject-1-0', 'pkgver': '0.105-26ubuntu1.3'},\n {'osver': '20.04', 'pkgname': 'libpolkit-gobject-1-dev', 'pkgver': '0.105-26ubuntu1.3'},\n {'osver': '20.04', 'pkgname': 'policykit-1', 'pkgver': '0.105-26ubuntu1.3'},\n {'osver': '21.10', 'pkgname': 'gir1.2-polkit-1.0', 'pkgver': '0.105-31ubuntu0.2'},\n {'osver': '21.10', 'pkgname': 'libpolkit-agent-1-0', 'pkgver': '0.105-31ubuntu0.2'},\n {'osver': '21.10', 'pkgname': 'libpolkit-agent-1-dev', 'pkgver': '0.105-31ubuntu0.2'},\n {'osver': '21.10', 'pkgname': 'libpolkit-gobject-1-0', 'pkgver': '0.105-31ubuntu0.2'},\n {'osver': '21.10', 'pkgname': 'libpolkit-gobject-1-dev', 'pkgver': '0.105-31ubuntu0.2'},\n {'osver': '21.10', 'pkgname': 'policykit-1', 'pkgver': '0.105-31ubuntu0.2'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'gir1.2-polkit-1.0 / libpolkit-agent-1-0 / libpolkit-agent-1-dev / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-14T12:54:59", "description": "The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:0525-2 advisory.\n\n - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being spawned (CVE-2021-4115)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-02-08T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : polkit (SUSE-SU-2022:0525-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4115"], "modified": "2023-07-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libpolkit0", "p-cpe:/a:novell:suse_linux:polkit", "p-cpe:/a:novell:suse_linux:polkit-devel", "p-cpe:/a:novell:suse_linux:typelib-1_0-polkit-1_0", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-0525-2.NASL", "href": "https://www.tenable.com/plugins/nessus/171197", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:0525-2. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(171197);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/14\");\n\n script_cve_id(\"CVE-2021-4115\");\n script_xref(name:\"IAVA\", value:\"2022-A-0055\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:0525-2\");\n\n script_name(english:\"SUSE SLES15 Security Update : polkit (SUSE-SU-2022:0525-2)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by a vulnerability as referenced\nin the SUSE-SU-2022:0525-2 advisory.\n\n - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process\n file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit\n process outage duration is tied to the failing process being reaped and a new one being spawned\n (CVE-2021-4115)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195542\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4115\");\n # https://lists.suse.com/pipermail/sle-security-updates/2023-February/013660.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f2711553\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libpolkit0, polkit, polkit-devel and / or typelib-1_0-Polkit-1_0 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4115\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/02/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/02/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpolkit0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:polkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:polkit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-Polkit-1_0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)(?:_SAP)?\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15|SLES_SAP15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15 / SLES_SAP15', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(2)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP2\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES_SAP15\" && (! preg(pattern:\"^(2)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES_SAP15 SP2\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'libpolkit0-0.116-3.9.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'polkit-0.116-3.9.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'polkit-devel-0.116-3.9.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'typelib-1_0-Polkit-1_0-0.116-3.9.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'libpolkit0-0.116-3.9.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']},\n {'reference':'polkit-0.116-3.9.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']},\n {'reference':'polkit-devel-0.116-3.9.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']},\n {'reference':'typelib-1_0-Polkit-1_0-0.116-3.9.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libpolkit0 / polkit / polkit-devel / typelib-1_0-Polkit-1_0');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:30:32", "description": "According to the versions of the polkit packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being spawned (CVE-2021-4115)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-06-15T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP9 : polkit (EulerOS-SA-2022-1874)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4115"], "modified": "2022-06-15T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:polkit", "p-cpe:/a:huawei:euleros:polkit-libs", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-1874.NASL", "href": "https://www.tenable.com/plugins/nessus/162293", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162293);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/06/15\");\n\n script_cve_id(\"CVE-2021-4115\");\n\n script_name(english:\"EulerOS 2.0 SP9 : polkit (EulerOS-SA-2022-1874)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the polkit packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process\n file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit\n process outage duration is tied to the failing process being reaped and a new one being spawned\n (CVE-2021-4115)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1874\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?198a132b\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected polkit packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4115\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/06/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/06/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:polkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:polkit-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(9)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"polkit-0.116-5.h8.eulerosv2r9\",\n \"polkit-libs-0.116-5.h8.eulerosv2r9\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"9\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"polkit\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:34:39", "description": "It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-097 advisory.\n\n - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being spawned (CVE-2021-4115)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-09-06T00:00:00", "type": "nessus", "title": "Amazon Linux 2022 : (ALAS2022-2022-097)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4115"], "modified": "2022-09-06T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:polkit", "p-cpe:/a:amazon:linux:polkit-debuginfo", "p-cpe:/a:amazon:linux:polkit-debugsource", "p-cpe:/a:amazon:linux:polkit-devel", "p-cpe:/a:amazon:linux:polkit-docs", "p-cpe:/a:amazon:linux:polkit-libs", "p-cpe:/a:amazon:linux:polkit-libs-debuginfo", "cpe:/o:amazon:linux:2022"], "id": "AL2022_ALAS2022-2022-097.NASL", "href": "https://www.tenable.com/plugins/nessus/164721", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2022 Security Advisory ALAS2022-2022-097.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(164721);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/09/06\");\n\n script_cve_id(\"CVE-2021-4115\");\n script_xref(name:\"IAVA\", value:\"2022-A-0055\");\n\n script_name(english:\"Amazon Linux 2022 : (ALAS2022-2022-097)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2022 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-097 advisory.\n\n - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process\n file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit\n process outage duration is tied to the failing process being reaped and a new one being spawned\n (CVE-2021-4115)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2022/ALAS-2022-097.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4115.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'dnf update --releasever=2022.0.20220628 polkit' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4115\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/06/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:polkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:polkit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:polkit-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:polkit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:polkit-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:polkit-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:polkit-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2022\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nvar os_ver = os_ver[1];\nif (os_ver != \"-2022\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2022\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar pkgs = [\n {'reference':'polkit-0.117-10.amzn2022', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-0.117-10.amzn2022', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-0.117-10.amzn2022', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-debuginfo-0.117-10.amzn2022', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-debuginfo-0.117-10.amzn2022', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-debuginfo-0.117-10.amzn2022', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-debugsource-0.117-10.amzn2022', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-debugsource-0.117-10.amzn2022', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-debugsource-0.117-10.amzn2022', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-devel-0.117-10.amzn2022', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-devel-0.117-10.amzn2022', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-devel-0.117-10.amzn2022', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-docs-0.117-10.amzn2022', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-libs-0.117-10.amzn2022', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-libs-0.117-10.amzn2022', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-libs-0.117-10.amzn2022', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-libs-debuginfo-0.117-10.amzn2022', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-libs-debuginfo-0.117-10.amzn2022', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-libs-debuginfo-0.117-10.amzn2022', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"polkit / polkit-debuginfo / polkit-debugsource / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:44:24", "description": "According to the versions of the polkit packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being spawned (CVE-2021-4115)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-04-25T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : polkit (EulerOS-SA-2022-1580)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4115"], "modified": "2022-04-25T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:polkit", "p-cpe:/a:huawei:euleros:polkit-devel", "p-cpe:/a:huawei:euleros:polkit-docs", "p-cpe:/a:huawei:euleros:polkit-libs", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-1580.NASL", "href": "https://www.tenable.com/plugins/nessus/160155", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160155);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/25\");\n\n script_cve_id(\"CVE-2021-4115\");\n\n script_name(english:\"EulerOS 2.0 SP8 : polkit (EulerOS-SA-2022-1580)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the polkit packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process\n file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit\n process outage duration is tied to the failing process being reaped and a new one being spawned\n (CVE-2021-4115)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1580\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?cc6a120f\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected polkit packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4115\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/04/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/04/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:polkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:polkit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:polkit-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:polkit-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"polkit-0.115-2.h15.eulerosv2r8\",\n \"polkit-devel-0.115-2.h15.eulerosv2r8\",\n \"polkit-docs-0.115-2.h15.eulerosv2r8\",\n \"polkit-libs-0.115-2.h15.eulerosv2r8\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"polkit\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:30:24", "description": "According to the versions of the polkit packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being spawned (CVE-2021-4115)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-06-06T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP10 : polkit (EulerOS-SA-2022-1813)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4115"], "modified": "2022-06-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:polkit", "p-cpe:/a:huawei:euleros:polkit-libs", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-1813.NASL", "href": "https://www.tenable.com/plugins/nessus/161854", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(161854);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/06/06\");\n\n script_cve_id(\"CVE-2021-4115\");\n\n script_name(english:\"EulerOS 2.0 SP10 : polkit (EulerOS-SA-2022-1813)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the polkit packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process\n file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit\n process outage duration is tied to the failing process being reaped and a new one being spawned\n (CVE-2021-4115)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1813\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?35a64754\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected polkit packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4115\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/06/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/06/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:polkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:polkit-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(10)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"polkit-0.116-6.h5.eulerosv2r10\",\n \"polkit-libs-0.116-6.h5.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"10\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"polkit\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:41:56", "description": "The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2022:0525-1 advisory.\n\n - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being spawned (CVE-2021-4115)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-02-22T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : polkit (openSUSE-SU-2022:0525-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4115"], "modified": "2022-03-07T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libpolkit0", "p-cpe:/a:novell:opensuse:libpolkit0-32bit", "p-cpe:/a:novell:opensuse:polkit", "p-cpe:/a:novell:opensuse:polkit-devel", "p-cpe:/a:novell:opensuse:typelib-1_0-polkit-1_0", "cpe:/o:novell:opensuse:15.3"], "id": "OPENSUSE-2022-0525-1.NASL", "href": "https://www.tenable.com/plugins/nessus/158218", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2022:0525-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158218);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/03/07\");\n\n script_cve_id(\"CVE-2021-4115\");\n\n script_name(english:\"openSUSE 15 Security Update : polkit (openSUSE-SU-2022:0525-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the\nopenSUSE-SU-2022:0525-1 advisory.\n\n - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process\n file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit\n process outage duration is tied to the failing process being reaped and a new one being spawned\n (CVE-2021-4115)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195542\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/D6R7S5GYVKZ4LZLTJ5KNEDZRGJISXBAZ/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c514aaf6\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4115\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4115\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpolkit0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpolkit0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:polkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:polkit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:typelib-1_0-Polkit-1_0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.3\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nvar os_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.3', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\nvar pkgs = [\n {'reference':'libpolkit0-0.116-3.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libpolkit0-32bit-0.116-3.9.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-0.116-3.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-devel-0.116-3.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'typelib-1_0-Polkit-1_0-0.116-3.9.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libpolkit0 / libpolkit0-32bit / polkit / polkit-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:34:40", "description": "It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-102 advisory.\n\n - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being spawned (CVE-2021-4115)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-09-06T00:00:00", "type": "nessus", "title": "Amazon Linux 2022 : (ALAS2022-2022-102)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4115"], "modified": "2022-09-06T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:polkit", "p-cpe:/a:amazon:linux:polkit-debuginfo", "p-cpe:/a:amazon:linux:polkit-debugsource", "p-cpe:/a:amazon:linux:polkit-devel", "p-cpe:/a:amazon:linux:polkit-docs", "p-cpe:/a:amazon:linux:polkit-libs", "p-cpe:/a:amazon:linux:polkit-libs-debuginfo", "cpe:/o:amazon:linux:2022"], "id": "AL2022_ALAS2022-2022-102.NASL", "href": "https://www.tenable.com/plugins/nessus/164740", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2022 Security Advisory ALAS2022-2022-102.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(164740);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/09/06\");\n\n script_cve_id(\"CVE-2021-4115\");\n script_xref(name:\"IAVA\", value:\"2022-A-0055\");\n\n script_name(english:\"Amazon Linux 2022 : (ALAS2022-2022-102)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2022 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-102 advisory.\n\n - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process\n file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit\n process outage duration is tied to the failing process being reaped and a new one being spawned\n (CVE-2021-4115)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2022/ALAS-2022-102.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4115.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'dnf update --releasever=2022.0.20220628 polkit' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4115\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/06/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:polkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:polkit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:polkit-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:polkit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:polkit-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:polkit-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:polkit-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2022\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nvar os_ver = os_ver[1];\nif (os_ver != \"-2022\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2022\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar pkgs = [\n {'reference':'polkit-0.120-1.amzn2022.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-0.120-1.amzn2022.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-0.120-1.amzn2022.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-debuginfo-0.120-1.amzn2022.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-debuginfo-0.120-1.amzn2022.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-debuginfo-0.120-1.amzn2022.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-debugsource-0.120-1.amzn2022.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-debugsource-0.120-1.amzn2022.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-debugsource-0.120-1.amzn2022.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-devel-0.120-1.amzn2022.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-devel-0.120-1.amzn2022.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-devel-0.120-1.amzn2022.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-docs-0.120-1.amzn2022.2', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-libs-0.120-1.amzn2022.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-libs-0.120-1.amzn2022.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-libs-0.120-1.amzn2022.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-libs-debuginfo-0.120-1.amzn2022.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-libs-debuginfo-0.120-1.amzn2022.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-libs-debuginfo-0.120-1.amzn2022.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"polkit / polkit-debuginfo / polkit-debugsource / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:44:09", "description": "The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-1546 advisory.\n\n - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being spawned (CVE-2021-4115)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-04-27T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : polkit (ELSA-2022-1546)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4115"], "modified": "2022-04-27T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:polkit", "p-cpe:/a:oracle:linux:polkit-devel", "p-cpe:/a:oracle:linux:polkit-docs", "p-cpe:/a:oracle:linux:polkit-libs"], "id": "ORACLELINUX_ELSA-2022-1546.NASL", "href": "https://www.tenable.com/plugins/nessus/160246", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-1546.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160246);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/27\");\n\n script_cve_id(\"CVE-2021-4115\");\n\n script_name(english:\"Oracle Linux 8 : polkit (ELSA-2022-1546)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2022-1546 advisory.\n\n - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process\n file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit\n process outage duration is tied to the failing process being reaped and a new one being spawned\n (CVE-2021-4115)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-1546.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4115\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/04/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/04/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:polkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:polkit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:polkit-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:polkit-libs\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar pkgs = [\n {'reference':'polkit-0.115-13.0.1.el8_5.2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-0.115-13.0.1.el8_5.2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-devel-0.115-13.0.1.el8_5.2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-devel-0.115-13.0.1.el8_5.2', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-devel-0.115-13.0.1.el8_5.2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-docs-0.115-13.0.1.el8_5.2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-libs-0.115-13.0.1.el8_5.2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-libs-0.115-13.0.1.el8_5.2', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-libs-0.115-13.0.1.el8_5.2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'polkit / polkit-devel / polkit-docs / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:30:24", "description": "According to the versions of the polkit packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being spawned (CVE-2021-4115)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-06-06T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP10 : polkit (EulerOS-SA-2022-1796)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4115"], "modified": "2022-06-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:polkit", "p-cpe:/a:huawei:euleros:polkit-libs", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-1796.NASL", "href": "https://www.tenable.com/plugins/nessus/161863", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(161863);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/06/06\");\n\n script_cve_id(\"CVE-2021-4115\");\n\n script_name(english:\"EulerOS 2.0 SP10 : polkit (EulerOS-SA-2022-1796)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the polkit packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process\n file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit\n process outage duration is tied to the failing process being reaped and a new one being spawned\n (CVE-2021-4115)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1796\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?159f5bf8\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected polkit packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4115\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/06/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/06/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:polkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:polkit-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(10)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"polkit-0.116-6.h5.eulerosv2r10\",\n \"polkit-libs-0.116-6.h5.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"10\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"polkit\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-14T14:51:45", "description": "The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:0525-1 advisory.\n\n - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being spawned (CVE-2021-4115)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-02-22T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : polkit (SUSE-SU-2022:0525-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4115"], "modified": "2023-07-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libpolkit0", "p-cpe:/a:novell:suse_linux:polkit", "p-cpe:/a:novell:suse_linux:polkit-devel", "p-cpe:/a:novell:suse_linux:typelib-1_0-polkit-1_0", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-0525-1.NASL", "href": "https://www.tenable.com/plugins/nessus/158226", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:0525-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158226);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/13\");\n\n script_cve_id(\"CVE-2021-4115\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:0525-1\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : polkit (SUSE-SU-2022:0525-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by a vulnerability as referenced in\nthe SUSE-SU-2022:0525-1 advisory.\n\n - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process\n file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit\n process outage duration is tied to the failing process being reaped and a new one being spawned\n (CVE-2021-4115)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195542\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4115\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-February/010276.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?34fb3550\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libpolkit0, polkit, polkit-devel and / or typelib-1_0-Polkit-1_0 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4115\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpolkit0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:polkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:polkit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-Polkit-1_0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED15 / SLES15', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLED15 SP3\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(2|3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP2/3\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'libpolkit0-0.116-3.9.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_RT-release-15.2']},\n {'reference':'polkit-0.116-3.9.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_RT-release-15.2']},\n {'reference':'polkit-devel-0.116-3.9.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_RT-release-15.2']},\n {'reference':'typelib-1_0-Polkit-1_0-0.116-3.9.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_RT-release-15.2']},\n {'reference':'libpolkit0-0.116-3.9.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'libpolkit0-0.116-3.9.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'polkit-0.116-3.9.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'polkit-0.116-3.9.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'polkit-devel-0.116-3.9.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'polkit-devel-0.116-3.9.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'typelib-1_0-Polkit-1_0-0.116-3.9.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']},\n {'reference':'typelib-1_0-Polkit-1_0-0.116-3.9.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-basesystem-release-15.3']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libpolkit0 / polkit / polkit-devel / typelib-1_0-Polkit-1_0');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:33:07", "description": "According to the versions of the polkit packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being spawned (CVE-2021-4115)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-07-29T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.9.0 : polkit (EulerOS-SA-2022-2206)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4115"], "modified": "2022-07-29T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:polkit", "p-cpe:/a:huawei:euleros:polkit-libs", "cpe:/o:huawei:euleros:uvp:2.9.0"], "id": "EULEROS_SA-2022-2206.NASL", "href": "https://www.tenable.com/plugins/nessus/163606", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163606);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/07/29\");\n\n script_cve_id(\"CVE-2021-4115\");\n\n script_name(english:\"EulerOS Virtualization 2.9.0 : polkit (EulerOS-SA-2022-2206)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the polkit packages installed, the EulerOS Virtualization installation on the remote host\nis affected by the following vulnerabilities :\n\n - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process\n file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit\n process outage duration is tied to the failing process being reaped and a new one being spawned\n (CVE-2021-4115)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2206\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c5d28288\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected polkit packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4115\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:polkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:polkit-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.9.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.9.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.9.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"polkit-0.116-5.h8.eulerosv2r9\",\n \"polkit-libs-0.116-5.h8.eulerosv2r9\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"polkit\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-26T14:39:55", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:1546 advisory.\n\n - polkit: file descriptor leak allows an unprivileged user to cause a crash (CVE-2021-4115)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-04-27T00:00:00", "type": "nessus", "title": "RHEL 8 : polkit (RHSA-2022:1546)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4115"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.6", "cpe:/o:redhat:rhel_e4s:8.6", "cpe:/o:redhat:rhel_eus:8.6", "cpe:/o:redhat:rhel_tus:8.6", "p-cpe:/a:redhat:enterprise_linux:polkit", "p-cpe:/a:redhat:enterprise_linux:polkit-devel", "p-cpe:/a:redhat:enterprise_linux:polkit-docs", "p-cpe:/a:redhat:enterprise_linux:polkit-libs"], "id": "REDHAT-RHSA-2022-1546.NASL", "href": "https://www.tenable.com/plugins/nessus/160240", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:1546. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160240);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\"CVE-2021-4115\");\n script_xref(name:\"RHSA\", value:\"2022:1546\");\n\n script_name(english:\"RHEL 8 : polkit (RHSA-2022:1546)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2022:1546 advisory.\n\n - polkit: file descriptor leak allows an unprivileged user to cause a crash (CVE-2021-4115)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-4115\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:1546\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2007534\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4115\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(403);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/04/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/04/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:polkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:polkit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:polkit-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:polkit-libs\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/appstream/debug',\n 'content/eus/rhel8/8.6/aarch64/appstream/os',\n 'content/eus/rhel8/8.6/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/baseos/debug',\n 'content/eus/rhel8/8.6/aarch64/baseos/os',\n 'content/eus/rhel8/8.6/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.6/aarch64/highavailability/os',\n 'content/eus/rhel8/8.6/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.6/aarch64/supplementary/os',\n 'content/eus/rhel8/8.6/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.6/ppc64le/appstream/os',\n 'content/eus/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.6/ppc64le/baseos/os',\n 'content/eus/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap/os',\n 'content/eus/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/appstream/debug',\n 'content/eus/rhel8/8.6/s390x/appstream/os',\n 'content/eus/rhel8/8.6/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/baseos/debug',\n 'content/eus/rhel8/8.6/s390x/baseos/os',\n 'content/eus/rhel8/8.6/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/highavailability/debug',\n 'content/eus/rhel8/8.6/s390x/highavailability/os',\n 'content/eus/rhel8/8.6/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/sap/debug',\n 'content/eus/rhel8/8.6/s390x/sap/os',\n 'content/eus/rhel8/8.6/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/supplementary/debug',\n 'content/eus/rhel8/8.6/s390x/supplementary/os',\n 'content/eus/rhel8/8.6/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'polkit-0.115-13.el8_5.2', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-devel-0.115-13.el8_5.2', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-docs-0.115-13.el8_5.2', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-libs-0.115-13.el8_5.2', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/aarch64/appstream/debug',\n 'content/dist/rhel8/8/aarch64/appstream/os',\n 'content/dist/rhel8/8/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/baseos/debug',\n 'content/dist/rhel8/8/aarch64/baseos/os',\n 'content/dist/rhel8/8/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/codeready-builder/debug',\n 'content/dist/rhel8/8/aarch64/codeready-builder/os',\n 'content/dist/rhel8/8/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/highavailability/debug',\n 'content/dist/rhel8/8/aarch64/highavailability/os',\n 'content/dist/rhel8/8/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/supplementary/debug',\n 'content/dist/rhel8/8/aarch64/supplementary/os',\n 'content/dist/rhel8/8/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/appstream/debug',\n 'content/dist/rhel8/8/ppc64le/appstream/os',\n 'content/dist/rhel8/8/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/baseos/debug',\n 'content/dist/rhel8/8/ppc64le/baseos/os',\n 'content/dist/rhel8/8/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/debug',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/os',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/highavailability/debug',\n 'content/dist/rhel8/8/ppc64le/highavailability/os',\n 'content/dist/rhel8/8/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/debug',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/os',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/debug',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/os',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap/debug',\n 'content/dist/rhel8/8/ppc64le/sap/os',\n 'content/dist/rhel8/8/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/supplementary/debug',\n 'content/dist/rhel8/8/ppc64le/supplementary/os',\n 'content/dist/rhel8/8/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/s390x/appstream/debug',\n 'content/dist/rhel8/8/s390x/appstream/os',\n 'content/dist/rhel8/8/s390x/appstream/source/SRPMS',\n 'content/dist/rhel8/8/s390x/baseos/debug',\n 'content/dist/rhel8/8/s390x/baseos/os',\n 'content/dist/rhel8/8/s390x/baseos/source/SRPMS',\n 'content/dist/rhel8/8/s390x/codeready-builder/debug',\n 'content/dist/rhel8/8/s390x/codeready-builder/os',\n 'content/dist/rhel8/8/s390x/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/s390x/highavailability/debug',\n 'content/dist/rhel8/8/s390x/highavailability/os',\n 'content/dist/rhel8/8/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/s390x/resilientstorage/debug',\n 'content/dist/rhel8/8/s390x/resilientstorage/os',\n 'content/dist/rhel8/8/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/s390x/sap/debug',\n 'content/dist/rhel8/8/s390x/sap/os',\n 'content/dist/rhel8/8/s390x/sap/source/SRPMS',\n 'content/dist/rhel8/8/s390x/supplementary/debug',\n 'content/dist/rhel8/8/s390x/supplementary/os',\n 'content/dist/rhel8/8/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'polkit-0.115-13.el8_5.2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-devel-0.115-13.el8_5.2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-docs-0.115-13.el8_5.2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-libs-0.115-13.el8_5.2', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'polkit / polkit-devel / polkit-docs / polkit-libs');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:49:52", "description": "The version of polkit installed on the remote host is prior to 0.120. It is, therefore, affected by a vulnerability as referenced in the SSA:2022-071-01 advisory.\n\n - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being spawned (CVE-2021-4115)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-13T00:00:00", "type": "nessus", "title": "Slackware Linux 15.0 / current polkit Vulnerability (SSA:2022-071-01)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4115"], "modified": "2022-03-13T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:polkit", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:15.0"], "id": "SLACKWARE_SSA_2022-071-01.NASL", "href": "https://www.tenable.com/plugins/nessus/158886", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Slackware Security Advisory SSA:2022-071-01. The text\n# itself is copyright (C) Slackware Linux, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158886);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/03/13\");\n\n script_cve_id(\"CVE-2021-4115\");\n\n script_name(english:\"Slackware Linux 15.0 / current polkit Vulnerability (SSA:2022-071-01)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Slackware Linux host is missing a security update to polkit.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of polkit installed on the remote host is prior to 0.120. It is, therefore, affected by a vulnerability as\nreferenced in the SSA:2022-071-01 advisory.\n\n - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process\n file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit\n process outage duration is tied to the failing process being reaped and a new one being spawned\n (CVE-2021-4115)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the affected polkit package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4115\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:polkit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:15.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Slackware Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\nvar flag = 0;\nvar constraints = [\n { 'fixed_version' : '0.120', 'product' : 'polkit', 'os_name' : 'Slackware Linux', 'os_version' : '15.0', 'service_pack' : '3_slack15.0', 'arch' : 'i586' },\n { 'fixed_version' : '0.120', 'product' : 'polkit', 'os_name' : 'Slackware Linux', 'os_version' : '15.0', 'service_pack' : '3_slack15.0', 'arch' : 'x86_64' },\n { 'fixed_version' : '0.120', 'product' : 'polkit', 'os_name' : 'Slackware Linux', 'os_version' : 'current', 'service_pack' : '3', 'arch' : 'i586' },\n { 'fixed_version' : '0.120', 'product' : 'polkit', 'os_name' : 'Slackware Linux', 'os_version' : 'current', 'service_pack' : '3', 'arch' : 'x86_64' }\n];\n\nforeach constraint (constraints) {\n var pkg_arch = constraint['arch'];\n var arch = NULL;\n if (pkg_arch == \"x86_64\") {\n arch = pkg_arch;\n }\n if (slackware_check(osver:constraint['os_version'],\n arch:arch,\n pkgname:constraint['product'],\n pkgver:constraint['fixed_version'],\n pkgarch:pkg_arch,\n pkgnum:constraint['service_pack'])) flag++;\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : slackware_report_get()\n );\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:30:32", "description": "According to the versions of the polkit packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being spawned (CVE-2021-4115)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-06-15T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP9 : polkit (EulerOS-SA-2022-1850)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4115"], "modified": "2022-06-15T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:polkit", "p-cpe:/a:huawei:euleros:polkit-libs", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-1850.NASL", "href": "https://www.tenable.com/plugins/nessus/162273", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162273);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/06/15\");\n\n script_cve_id(\"CVE-2021-4115\");\n\n script_name(english:\"EulerOS 2.0 SP9 : polkit (EulerOS-SA-2022-1850)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the polkit packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process\n file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit\n process outage duration is tied to the failing process being reaped and a new one being spawned\n (CVE-2021-4115)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1850\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?da76794a\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected polkit packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4115\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/06/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/06/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:polkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:polkit-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(9)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"polkit-0.116-5.h8.eulerosv2r9\",\n \"polkit-libs-0.116-5.h8.eulerosv2r9\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"9\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"polkit\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-14T14:50:59", "description": "The remote SUSE Linux SLED12 / SLES12 / SLES_SAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:0524-1 advisory.\n\n - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being spawned (CVE-2021-4115)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-02-22T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : polkit (SUSE-SU-2022:0524-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4115"], "modified": "2023-07-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libpolkit0", "p-cpe:/a:novell:suse_linux:libpolkit0-32bit", "p-cpe:/a:novell:suse_linux:polkit", "p-cpe:/a:novell:suse_linux:polkit-devel", "p-cpe:/a:novell:suse_linux:typelib-1_0-polkit-1_0", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2022-0524-1.NASL", "href": "https://www.tenable.com/plugins/nessus/158233", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:0524-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158233);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/13\");\n\n script_cve_id(\"CVE-2021-4115\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:0524-1\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : polkit (SUSE-SU-2022:0524-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED12 / SLES12 / SLES_SAP12 host has packages installed that are affected by a vulnerability as\nreferenced in the SUSE-SU-2022:0524-1 advisory.\n\n - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process\n file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit\n process outage duration is tied to the failing process being reaped and a new one being spawned\n (CVE-2021-4115)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195542\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4115\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-February/010277.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?303168c7\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4115\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpolkit0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpolkit0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:polkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:polkit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-Polkit-1_0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)(?:_SAP)?\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12|SLES_SAP12)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED12 / SLES12 / SLES_SAP12', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(5)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLED12 SP5\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(5)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES12 SP5\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES_SAP12\" && (! preg(pattern:\"^(5)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES_SAP12 SP5\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'libpolkit0-0.113-5.27.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'polkit-0.113-5.27.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'typelib-1_0-Polkit-1_0-0.113-5.27.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5']},\n {'reference':'polkit-devel-0.113-5.27.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-sdk-release-12.5']},\n {'reference':'libpolkit0-32bit-0.113-5.27.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLED12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-we-release-12.5']},\n {'reference':'libpolkit0-32bit-0.113-5.27.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-we-release-12.5']},\n {'reference':'libpolkit0-0.113-5.27.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},\n {'reference':'polkit-0.113-5.27.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']},\n {'reference':'typelib-1_0-Polkit-1_0-0.113-5.27.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.5']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libpolkit0 / libpolkit0-32bit / polkit / polkit-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:44:10", "description": "The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:1546 advisory.\n\n - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being spawned (CVE-2021-4115)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-04-28T00:00:00", "type": "nessus", "title": "Rocky Linux 8 : polkit (RLSA-2022:1546)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4115"], "modified": "2022-04-28T00:00:00", "cpe": ["p-cpe:/a:rocky:linux:polkit", "p-cpe:/a:rocky:linux:polkit-debuginfo", "p-cpe:/a:rocky:linux:polkit-debugsource", "p-cpe:/a:rocky:linux:polkit-devel", "p-cpe:/a:rocky:linux:polkit-docs", "p-cpe:/a:rocky:linux:polkit-libs", "p-cpe:/a:rocky:linux:polkit-libs-debuginfo", "cpe:/o:rocky:linux:8"], "id": "ROCKY_LINUX_RLSA-2022-1546.NASL", "href": "https://www.tenable.com/plugins/nessus/160293", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# Rocky Linux Security Advisory RLSA-2022:1546.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160293);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/28\");\n\n script_cve_id(\"CVE-2021-4115\");\n script_xref(name:\"RLSA\", value:\"2022:1546\");\n\n script_name(english:\"Rocky Linux 8 : polkit (RLSA-2022:1546)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Rocky Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the\nRLSA-2022:1546 advisory.\n\n - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process\n file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit\n process outage duration is tied to the failing process being reaped and a new one being spawned\n (CVE-2021-4115)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.rockylinux.org/RLSA-2022:1546\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2007534\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4115\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/04/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/04/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:polkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:polkit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:polkit-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:polkit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:polkit-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:polkit-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:polkit-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:rocky:linux:8\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Rocky Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RockyLinux/release\", \"Host/RockyLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RockyLinux/release');\nif (isnull(release) || 'Rocky Linux' >!< release) audit(AUDIT_OS_NOT, 'Rocky Linux');\nvar os_ver = pregmatch(pattern: \"Rocky(?: Linux)? release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Rocky Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Rocky Linux 8.x', 'Rocky Linux ' + os_ver);\n\nif (!get_kb_item('Host/RockyLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Rocky Linux', cpu);\n\nvar pkgs = [\n {'reference':'polkit-0.115-13.el8_5.2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-0.115-13.el8_5.2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-debuginfo-0.115-13.el8_5.2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-debuginfo-0.115-13.el8_5.2', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-debuginfo-0.115-13.el8_5.2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-debugsource-0.115-13.el8_5.2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-debugsource-0.115-13.el8_5.2', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-debugsource-0.115-13.el8_5.2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-devel-0.115-13.el8_5.2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-devel-0.115-13.el8_5.2', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-devel-0.115-13.el8_5.2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-docs-0.115-13.el8_5.2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-libs-0.115-13.el8_5.2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-libs-0.115-13.el8_5.2', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-libs-0.115-13.el8_5.2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-libs-debuginfo-0.115-13.el8_5.2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-libs-debuginfo-0.115-13.el8_5.2', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-libs-debuginfo-0.115-13.el8_5.2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'Rocky-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'polkit / polkit-debuginfo / polkit-debugsource / polkit-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:32:32", "description": "According to the versions of the polkit packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine. (CVE-2021-4034)\n\n - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being spawned (CVE-2021-4115)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-07-15T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.10.0 : polkit (EulerOS-SA-2022-2033)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4034", "CVE-2021-4115"], "modified": "2023-01-13T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:polkit", "p-cpe:/a:huawei:euleros:polkit-libs", "cpe:/o:huawei:euleros:uvp:2.10.0"], "id": "EULEROS_SA-2022-2033.NASL", "href": "https://www.tenable.com/plugins/nessus/163187", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163187);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/13\");\n\n script_cve_id(\"CVE-2021-4034\", \"CVE-2021-4115\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/07/18\");\n\n script_name(english:\"EulerOS Virtualization 2.10.0 : polkit (EulerOS-SA-2022-2033)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the polkit packages installed, the EulerOS Virtualization installation on the remote host\nis affected by the following vulnerabilities :\n\n - A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is\n a setuid tool designed to allow unprivileged users to run commands as privileged users according\n predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly\n and ends trying to execute environment variables as commands. An attacker can leverage this by crafting\n environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully\n executed the attack can cause a local privilege escalation given unprivileged users administrative rights\n on the target machine. (CVE-2021-4034)\n\n - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process\n file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit\n process outage duration is tied to the failing process being reaped and a new one being spawned\n (CVE-2021-4115)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2033\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?dca96757\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected polkit packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4034\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Local Privilege Escalation in polkits pkexec');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:polkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:polkit-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.10.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.10.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.10.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"polkit-0.116-6.h5.eulerosv2r10\",\n \"polkit-libs-0.116-6.h5.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"polkit\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:32:08", "description": "According to the versions of the polkit packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine. (CVE-2021-4034)\n\n - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being spawned (CVE-2021-4115)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-07-14T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.10.1 : polkit (EulerOS-SA-2022-2061)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4034", "CVE-2021-4115"], "modified": "2023-01-13T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:polkit", "p-cpe:/a:huawei:euleros:polkit-libs", "cpe:/o:huawei:euleros:uvp:2.10.1"], "id": "EULEROS_SA-2022-2061.NASL", "href": "https://www.tenable.com/plugins/nessus/163123", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163123);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/13\");\n\n script_cve_id(\"CVE-2021-4034\", \"CVE-2021-4115\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/07/18\");\n\n script_name(english:\"EulerOS Virtualization 2.10.1 : polkit (EulerOS-SA-2022-2061)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the polkit packages installed, the EulerOS Virtualization installation on the remote host\nis affected by the following vulnerabilities :\n\n - A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is\n a setuid tool designed to allow unprivileged users to run commands as privileged users according\n predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly\n and ends trying to execute environment variables as commands. An attacker can leverage this by crafting\n environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully\n executed the attack can cause a local privilege escalation given unprivileged users administrative rights\n on the target machine. (CVE-2021-4034)\n\n - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process\n file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit\n process outage duration is tied to the failing process being reaped and a new one being spawned\n (CVE-2021-4115)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2061\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4c1b960b\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected polkit packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4034\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Local Privilege Escalation in polkits pkexec');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:polkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:polkit-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.10.1\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.10.1\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.10.1\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"polkit-0.116-6.h5.eulerosv2r10\",\n \"polkit-libs-0.116-6.h5.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"polkit\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:39:19", "description": "The version of polkit installed on the remote host is prior to 0.117-10. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-220 advisory.\n\n - A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine. (CVE-2021-4034)\n\n - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being spawned (CVE-2021-4115)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-12-09T00:00:00", "type": "nessus", "title": "Amazon Linux 2022 : polkit (ALAS2022-2022-220)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4034", "CVE-2021-4115"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:polkit", "p-cpe:/a:amazon:linux:polkit-debuginfo", "p-cpe:/a:amazon:linux:polkit-debugsource", "p-cpe:/a:amazon:linux:polkit-devel", "p-cpe:/a:amazon:linux:polkit-docs", "p-cpe:/a:amazon:linux:polkit-libs", "p-cpe:/a:amazon:linux:polkit-libs-debuginfo", "cpe:/o:amazon:linux:2022"], "id": "AL2022_ALAS2022-2022-220.NASL", "href": "https://www.tenable.com/plugins/nessus/168576", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2022 Security Advisory ALAS2022-2022-220.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(168576);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2021-4034\", \"CVE-2021-4115\");\n script_xref(name:\"IAVA\", value:\"2022-A-0055\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/07/18\");\n\n script_name(english:\"Amazon Linux 2022 : polkit (ALAS2022-2022-220)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2022 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of polkit installed on the remote host is prior to 0.117-10. It is, therefore, affected by multiple\nvulnerabilities as referenced in the ALAS2022-2022-220 advisory.\n\n - A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is\n a setuid tool designed to allow unprivileged users to run commands as privileged users according\n predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly\n and ends trying to execute environment variables as commands. An attacker can leverage this by crafting\n environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully\n executed the attack can cause a local privilege escalation given unprivileged users administrative rights\n on the target machine. (CVE-2021-4034)\n\n - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process\n file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit\n process outage duration is tied to the failing process being reaped and a new one being spawned\n (CVE-2021-4115)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2022/ALAS-2022-220.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4034.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4115.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update polkit' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4034\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Local Privilege Escalation in polkits pkexec');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/12/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/12/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:polkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:polkit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:polkit-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:polkit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:polkit-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:polkit-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:polkit-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2022\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar alas_release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:alas_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"-2022\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2022\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar pkgs = [\n {'reference':'polkit-0.117-10.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-0.117-10.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-0.117-10.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-debuginfo-0.117-10.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-debuginfo-0.117-10.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-debuginfo-0.117-10.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-debugsource-0.117-10.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-debugsource-0.117-10.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-debugsource-0.117-10.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-devel-0.117-10.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-devel-0.117-10.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-devel-0.117-10.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-docs-0.117-10.amzn2022.0.2', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-libs-0.117-10.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-libs-0.117-10.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-libs-0.117-10.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-libs-debuginfo-0.117-10.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-libs-debuginfo-0.117-10.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-libs-debuginfo-0.117-10.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"polkit / polkit-debuginfo / polkit-debugsource / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:45:27", "description": "It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-026 advisory.\n\n - A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine. (CVE-2021-4034)\n\n - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being spawned (CVE-2021-4115)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-03-21T00:00:00", "type": "nessus", "title": "Amazon Linux 2023 : polkit, polkit-devel, polkit-libs (ALAS2023-2023-026)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4034", "CVE-2021-4115"], "modified": "2023-03-22T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:polkit", "p-cpe:/a:amazon:linux:polkit-debuginfo", "p-cpe:/a:amazon:linux:polkit-debugsource", "p-cpe:/a:amazon:linux:polkit-devel", "p-cpe:/a:amazon:linux:polkit-docs", "p-cpe:/a:amazon:linux:polkit-libs", "p-cpe:/a:amazon:linux:polkit-libs-debuginfo", "cpe:/o:amazon:linux:2023"], "id": "AL2023_ALAS2023-2023-026.NASL", "href": "https://www.tenable.com/plugins/nessus/173080", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2023 Security Advisory ALAS2023-2023-026.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(173080);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/22\");\n\n script_cve_id(\"CVE-2021-4034\", \"CVE-2021-4115\");\n script_xref(name:\"IAVA\", value:\"2022-A-0055\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/07/18\");\n\n script_name(english:\"Amazon Linux 2023 : polkit, polkit-devel, polkit-libs (ALAS2023-2023-026)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2023 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-026 advisory.\n\n - A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is\n a setuid tool designed to allow unprivileged users to run commands as privileged users according\n predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly\n and ends trying to execute environment variables as commands. An attacker can leverage this by crafting\n environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully\n executed the attack can cause a local privilege escalation given unprivileged users administrative rights\n on the target machine. (CVE-2021-4034)\n\n - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process\n file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit\n process outage duration is tied to the failing process being reaped and a new one being spawned\n (CVE-2021-4115)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2023/ALAS-2023-026.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4034.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4115.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/faqs.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'dnf update polkit --releasever=2023.0.20230222 ' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4034\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Local Privilege Escalation in polkits pkexec');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/02/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/03/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:polkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:polkit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:polkit-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:polkit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:polkit-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:polkit-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:polkit-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2023\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar alas_release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:alas_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"-2023\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2023\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar pkgs = [\n {'reference':'polkit-0.117-10.amzn2023.0.3', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-0.117-10.amzn2023.0.3', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-0.117-10.amzn2023.0.3', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-debuginfo-0.117-10.amzn2023.0.3', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-debuginfo-0.117-10.amzn2023.0.3', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-debuginfo-0.117-10.amzn2023.0.3', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-debugsource-0.117-10.amzn2023.0.3', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-debugsource-0.117-10.amzn2023.0.3', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-debugsource-0.117-10.amzn2023.0.3', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-devel-0.117-10.amzn2023.0.3', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-devel-0.117-10.amzn2023.0.3', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-devel-0.117-10.amzn2023.0.3', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-docs-0.117-10.amzn2023.0.3', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-libs-0.117-10.amzn2023.0.3', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-libs-0.117-10.amzn2023.0.3', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-libs-0.117-10.amzn2023.0.3', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-libs-debuginfo-0.117-10.amzn2023.0.3', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-libs-debuginfo-0.117-10.amzn2023.0.3', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'polkit-libs-debuginfo-0.117-10.amzn2023.0.3', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"polkit / polkit-debuginfo / polkit-debugsource / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:36:01", "description": "According to the versions of the polkit packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine. (CVE-2021-4034)\n\n - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being spawned (CVE-2021-4115)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-10-10T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.6.0 : polkit (EulerOS-SA-2022-2583)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4034", "CVE-2021-4115"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:polkit", "p-cpe:/a:huawei:euleros:polkit-devel", "p-cpe:/a:huawei:euleros:polkit-docs", "p-cpe:/a:huawei:euleros:polkit-libs", "cpe:/o:huawei:euleros:uvp:3.0.6.0"], "id": "EULEROS_SA-2022-2583.NASL", "href": "https://www.tenable.com/plugins/nessus/165930", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165930);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2021-4034\", \"CVE-2021-4115\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/07/18\");\n\n script_name(english:\"EulerOS Virtualization 3.0.6.0 : polkit (EulerOS-SA-2022-2583)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the polkit packages installed, the EulerOS Virtualization installation on the remote host\nis affected by the following vulnerabilities :\n\n - A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is\n a setuid tool designed to allow unprivileged users to run commands as privileged users according\n predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly\n and ends trying to execute environment variables as commands. An attacker can leverage this by crafting\n environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully\n executed the attack can cause a local privilege escalation given unprivileged users administrative rights\n on the target machine. (CVE-2021-4034)\n\n - There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process\n file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit\n process outage duration is tied to the failing process being reaped and a new one being spawned\n (CVE-2021-4115)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2583\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f3e545e8\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected polkit packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4034\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Local Privilege Escalation in polkits pkexec');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:polkit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:polkit-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:polkit-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:polkit-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.6.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.6.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.6.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"polkit-0.115-2.h15.eulerosv2r8\",\n \"polkit-devel-0.115-2.h15.eulerosv2r8\",\n \"polkit-docs-0.115-2.h15.eulerosv2r8\",\n \"polkit-libs-0.115-2.h15.eulerosv2r8\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"polkit\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "slackware": [{"lastseen": "2023-06-19T15:06:21", "description": "New polkit packages are available for Slackware 15.0 and -current to\nfix a security issue.\n\n\nHere are the details from the Slackware 15.0 ChangeLog:\n\npatches/packages/polkit-0.120-i586-3_slack15.0.txz: Rebuilt.\n Patched to fix a security issue where an unprivileged user could cause a\n denial of service due to process file descriptor exhaustion.\n Thanks to marav.\n For more information, see:\n https://vulners.com/cve/CVE-2021-4115\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 15.0:\nftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/polkit-0.120-i586-3_slack15.0.txz\n\nUpdated package for Slackware x86_64 15.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/polkit-0.120-x86_64-3_slack15.0.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/polkit-0.120-i586-3.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/polkit-0.120-x86_64-3.txz\n\n\nMD5 signatures:\n\nSlackware 15.0 package:\n7e8717d345201b4e9ae1e4d0f2ac4ae6 polkit-0.120-i586-3_slack15.0.txz\n\nSlackware x86_64 15.0 package:\nc12086a9a2b40fce23f5fd2c6e1e748f polkit-0.120-x86_64-3_slack15.0.txz\n\nSlackware -current package:\n964cf813e843882581104f34bbc77063 l/polkit-0.120-i586-3.txz\n\nSlackware x86_64 -current package:\nbcfd423bccf8c2058643adbb40f102a9 l/polkit-0.120-x86_64-3.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg polkit-0.120-i586-3_slack15.0.txz", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-03-12T21:04:57", "type": "slackware", "title": "[slackware-security] polkit", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4115"], "modified": "2022-03-12T21:04:57", "id": "SSA-2022-071-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2022&m=slackware-security.345883", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}], "redhat": [{"lastseen": "2023-08-16T15:27:36", "description": "The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones.\n\nSecurity Fix(es):\n\n* polkit: file descriptor leak allows an unprivileged user to cause a crash (CVE-2021-4115)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-04-26T13:49:20", "type": "redhat", "title": "(RHSA-2022:1546) Moderate: polkit security update", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4115"], "modified": "2022-04-26T21:13:15", "id": "RHSA-2022:1546", "href": "https://access.redhat.com/errata/RHSA-2022:1546", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-08-16T15:27:36", "description": "Red Hat Advanced Cluster Management for Kubernetes 2.3.10 images\n\nRed Hat Advanced Cluster Management for Kubernetes provides the\ncapabilities to address common challenges that administrators and site\nreliability engineers face as they work across a range of public and\nprivate cloud environments. Clusters and applications are all visible and\nmanaged from a single console\u2014with security policy built in.\n\nThis advisory contains the container images for Red Hat Advanced Cluster\nManagement for Kubernetes, which fix several bugs. See the following\nRelease Notes documentation, which will be updated shortly for this\nrelease, for additional details about this release:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html/release_notes/\n\nSecurity updates:\n\n* Follow-redirects: Exposure of Private Personal Information to an Unauthorized Actor (CVE-2022-0155)\n\n* Node-fetch: exposure of sensitive information to an unauthorized actor (CVE-2022-0235)\n\n* Follow-redirects: Exposure of Sensitive Information via Authorization Header leak (CVE-2022-0536)\n\n* Urijs: Authorization Bypass Through User-Controlled Key (CVE-2022-0613)\n\n* Urijs: Leading white space bypasses protocol validation (CVE-2022-24723)\n\n* Nconf: Prototype pollution in memory store (CVE-2022-21803)\n\n* Moment.js: Path traversal in moment.locale (CVE-2022-24785)\n\nBug fixes:\n\n* RHACM 2.3.10 images", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-05-04T21:09:57", "type": "redhat", "title": "(RHSA-2022:1715) Moderate: Red Hat Advanced Cluster Management 2.3.10 security updates and bug fixes", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-25032", "CVE-2021-4028", "CVE-2021-4083", "CVE-2021-4115", "CVE-2022-0155", "CVE-2022-0235", "CVE-2022-0536", "CVE-2022-0613", "CVE-2022-0711", "CVE-2022-1154", "CVE-2022-1271", "CVE-2022-21803", "CVE-2022-24723", "CVE-2022-24785", "CVE-2022-25636"], "modified": "2022-05-04T21:10:15", "id": "RHSA-2022:1715", "href": "https://access.redhat.com/errata/RHSA-2022:1715", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:27:36", "description": "Red Hat Advanced Cluster Management for Kubernetes 2.4.4 images\n\nRed Hat Advanced Cluster Management for Kubernetes provides the\ncapabilities to address common challenges that administrators and site\nreliability engineers face as they work across a range of public and\nprivate cloud environments. Clusters and applications are all visible and\nmanaged from a single console\u2014with security policy built in.\n\nThis advisory contains the container images for Red Hat Advanced Cluster\nManagement for Kubernetes, which fix several bugs. See the following\nRelease Notes documentation, which will be updated shortly for this\nrelease, for additional details about this release:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.4/html/release_notes/\n\nSecurity fixes:\n\n* Vm2: vulnerable to Sandbox Bypass (CVE-2021-23555)\n\n* Golang.org/x/crypto: empty plaintext packet causes panic (CVE-2021-43565)\n\n* Follow-redirects: Exposure of Private Personal Information to an Unauthorized Actor (CVE-2022-0155)\n\n* Node-fetch: exposure of sensitive information to an unauthorized actor (CVE-2022-0235)\n\n* Follow-redirects: Exposure of Sensitive Information via Authorization Header leak (CVE-2022-0536)\n\n* Urijs: Authorization Bypass Through User-Controlled Key (CVE-2022-0613)\n\n* Nconf: Prototype pollution in memory store (CVE-2022-21803)\n\n* Nats-server: misusing the \"dynamically provisioned sandbox accounts\" feature authenticated user can obtain the privileges of the System account (CVE-2022-24450)\n\n* Urijs: Leading white space bypasses protocol validation (CVE-2022-24723)\n\n* Node-forge: Signature verification leniency in checking `digestAlgorithm` structure can lead to signature forgery (CVE-2022-24771)\n\n* Node-forge: Signature verification failing to check tailing garbage bytes can lead to signature forgery (CVE-2022-24772)\n\n* Node-forge: Signature verification leniency in checking `DigestInfo` structure (CVE-2022-24773)\n\n* Cross-fetch: Exposure of Private Personal Information to an Unauthorized Actor (CVE-2022-1365)\n\n* Moment.js: Path traversal in moment.locale (CVE-2022-24785)\n\nBug fixes:\n\n* Failed ClusterDeployment validation errors do not surface through the ClusterPool UI (Bugzilla #1995380)\n\n* Agents wrong validation failure on failing to fetch image needed for installation (Bugzilla #2008583)\n\n* Fix catalogsource name (Bugzilla #2038250)\n\n* When the ocp console operator is disable on the managed cluster, the cluster claims failed to update (Bugzilla #2057761)\n\n* Multicluster-operators-hub-subscription OOMKilled (Bugzilla #2053308)\n\n* RHACM 2.4.1 Console becomes unstable and refuses login after one hour (Bugzilla #2061958)\n\n* RHACM 2.4.4 images (Bugzilla #2077548)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-05-03T14:27:08", "type": "redhat", "title": "(RHSA-2022:1681) Moderate: Red Hat Advanced Cluster Management 2.4.4 security updates and bug fixes", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-25032", "CVE-2021-23555", "CVE-2021-4028", "CVE-2021-4115", "CVE-2021-43565", "CVE-2022-0155", "CVE-2022-0235", "CVE-2022-0536", "CVE-2022-0613", "CVE-2022-1154", "CVE-2022-1271", "CVE-2022-1365", "CVE-2022-21803", "CVE-2022-24450", "CVE-2022-24723", "CVE-2022-24771", "CVE-2022-24772", "CVE-2022-24773", "CVE-2022-24785", "CVE-2022-25636"], "modified": "2022-05-03T14:27:26", "id": "RHSA-2022:1681", "href": "https://access.redhat.com/errata/RHSA-2022:1681", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-03T15:19:08", "description": "OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.\n\nThis advisory contains the following OpenShift Virtualization 4.11.0 images:\n\nRHEL-8-CNV-4.11\n===============\nhostpath-provisioner-container-v4.11.0-21\nkubevirt-tekton-tasks-operator-container-v4.11.0-29\nkubevirt-template-validator-container-v4.11.0-17\nbridge-marker-container-v4.11.0-26\nhostpath-csi-driver-container-v4.11.0-21\ncluster-network-addons-operator-container-v4.11.0-26\novs-cni-marker-container-v4.11.0-26\nvirtio-win-container-v4.11.0-16\novs-cni-plugin-container-v4.11.0-26\nkubemacpool-container-v4.11.0-26\nhostpath-provisioner-operator-container-v4.11.0-24\ncnv-containernetworking-plugins-container-v4.11.0-26\nkubevirt-ssp-operator-container-v4.11.0-54\nvirt-cdi-uploadserver-container-v4.11.0-59\nvirt-cdi-cloner-container-v4.11.0-59\nvirt-cdi-operator-container-v4.11.0-59\nvirt-cdi-importer-container-v4.11.0-59\nvirt-cdi-uploadproxy-container-v4.11.0-59\nvirt-cdi-controller-container-v4.11.0-59\nvirt-cdi-apiserver-container-v4.11.0-59\nkubevirt-tekton-tasks-modify-vm-template-container-v4.11.0-7\nkubevirt-tekton-tasks-create-vm-from-template-container-v4.11.0-7\nkubevirt-tekton-tasks-copy-template-container-v4.11.0-7\ncheckup-framework-container-v4.11.0-67\nkubevirt-tekton-tasks-cleanup-vm-container-v4.11.0-7\nkubevirt-tekton-tasks-disk-virt-sysprep-container-v4.11.0-7\nkubevirt-tekton-tasks-wait-for-vmi-status-container-v4.11.0-7\nkubevirt-tekton-tasks-disk-virt-customize-container-v4.11.0-7\nvm-network-latency-checkup-container-v4.11.0-67\nkubevirt-tekton-tasks-create-datavolume-container-v4.11.0-7\nhyperconverged-cluster-webhook-container-v4.11.0-95\ncnv-must-gather-container-v4.11.0-62\nhyperconverged-cluster-operator-container-v4.11.0-95\nkubevirt-console-plugin-container-v4.11.0-83\nvirt-controller-container-v4.11.0-105\nvirt-handler-container-v4.11.0-105\nvirt-operator-container-v4.11.0-105\nvirt-launcher-container-v4.11.0-105\nvirt-artifacts-server-container-v4.11.0-105\nvirt-api-container-v4.11.0-105\nlibguestfs-tools-container-v4.11.0-105\nhco-bundle-registry-container-v4.11.0-587\n\nSecurity Fix(es):\n\n* golang: net/http: limit growth of header canonicalization cache (CVE-2021-44716)\n\n* kubeVirt: Arbitrary file read on the host from KubeVirt VMs (CVE-2022-1798)\n\n* golang: out-of-bounds read in golang.org/x/text/language leads to DoS (CVE-2021-38561)\n\n* golang: syscall: don't close fd 0 on ForkExec error (CVE-2021-44717)\n\n* prometheus/client_golang: Denial of service using InstrumentHandlerCounter (CVE-2022-21698)\n\n* golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString (CVE-2022-23772)\n\n* golang: cmd/go: misinterpretation of branch names can lead to incorrect access control (CVE-2022-23773)\n\n* golang: crypto/elliptic: IsOnCurve returns true for invalid field elements (CVE-2022-23806)\n\n* golang: encoding/pem: fix stack overflow in Decode (CVE-2022-24675)\n\n* golang: regexp: stack exhaustion via a deeply nested expression (CVE-2022-24921)\n\n* golang: crash in a golang.org/x/crypto/ssh server (CVE-2022-27191)\n\n* golang: crypto/elliptic: panic caused by oversized scalar (CVE-2022-28327)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-14T16:32:31", "type": "redhat", "title": "(RHSA-2022:6526) Important: OpenShift Virtualization 4.11.0 Images security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-25032", "CVE-2019-13750", "CVE-2019-13751", "CVE-2019-17594", "CVE-2019-17595", "CVE-2019-18218", "CVE-2019-19603", "CVE-2019-20838", "CVE-2019-5827", "CVE-2020-13435", "CVE-2020-14155", "CVE-2020-17541", "CVE-2020-24370", "CVE-2020-35492", "CVE-2021-20231", "CVE-2021-20232", "CVE-2021-23177", "CVE-2021-25219", "CVE-2021-31535", "CVE-2021-31566", "CVE-2021-3580", "CVE-2021-36084", "CVE-2021-36085", "CVE-2021-36086", "CVE-2021-36087", "CVE-2021-3634", "CVE-2021-3737", "CVE-2021-38185", "CVE-2021-38561", "CVE-2021-40528", "CVE-2021-4115", "CVE-2021-4189", "CVE-2021-43527", "CVE-2021-44716", "CVE-2021-44717", "CVE-2022-0778", "CVE-2022-1271", "CVE-2022-1292", "CVE-2022-1621", "CVE-2022-1629", "CVE-2022-1798", "CVE-2022-2068", "CVE-2022-2097", "CVE-2022-21698", "CVE-2022-22576", "CVE-2022-23772", "CVE-2022-23773", "CVE-2022-23806", "CVE-2022-24407", "CVE-2022-24675", "CVE-2022-24921", "CVE-2022-25313", "CVE-2022-25314", "CVE-2022-27191", "CVE-2022-27774", "CVE-2022-27776", "CVE-2022-27782", "CVE-2022-28327", "CVE-2022-29824"], "modified": "2022-09-14T16:32:56", "id": "RHSA-2022:6526", "href": "https://access.redhat.com/errata/RHSA-2022:6526", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-03T15:19:08", "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the container images for Red Hat OpenShift Container Platform 4.11.0. See the following advisory for the RPM packages for this release:\n\nhttps://access.redhat.com/errata/RHSA-2022:5068\n\nSpace precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:\n\nhttps://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html\n\nSecurity Fix(es):\n\n* go-getter: command injection vulnerability (CVE-2022-26945)\n* go-getter: unsafe download (issue 1 of 3) (CVE-2022-30321)\n* go-getter: unsafe download (issue 2 of 3) (CVE-2022-30322)\n* go-getter: unsafe download (issue 3 of 3) (CVE-2022-30323)\n* nanoid: Information disclosure via valueOf() function (CVE-2021-23566)\n* sanitize-url: XSS (CVE-2021-23648)\n* minimist: prototype pollution (CVE-2021-44906)\n* node-fetch: exposure of sensitive information to an unauthorized actor (CVE-2022-0235)\n* prometheus/client_golang: Denial of service using InstrumentHandlerCounter (CVE-2022-21698)\n* golang: crash in a golang.org/x/crypto/ssh server (CVE-2022-27191)\n* go-getter: writes SSH credentials into logfile, exposing sensitive credentials to local uses (CVE-2022-29810)\n* opencontainers: OCI manifest and index parsing confusion (CVE-2021-41190)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nYou may download the oc tool and use it to inspect release image metadata as follows:\n\n(For x86_64 architecture)\n\n $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.11.0-x86_64\n\nThe image digest is sha256:300bce8246cf880e792e106607925de0a404484637627edf5f517375517d54a4\n\n(For aarch64 architecture)\n\n $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.11.0-aarch64\n\nThe image digest is sha256:29fa8419da2afdb64b5475d2b43dad8cc9205e566db3968c5738e7a91cf96dfe\n\n(For s390x architecture)\n\n $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.11.0-s390x\n\nThe image digest is sha256:015d6180238b4024d11dfef6751143619a0458eccfb589f2058ceb1a6359dd46\n\n(For ppc64le architecture)\n\n $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.11.0-ppc64le\n\nThe image digest is sha256:5052f8d5597c6656ca9b6bfd3de521504c79917aa80feb915d3c8546241f86ca\n\nAll OpenShift Container Platform 4.11 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available\nat https://docs.openshift.com/container-platform/4.11/updating/updating-cluster-cli.html", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-08-10T10:23:32", "type": "redhat", "title": "(RHSA-2022:5069) Important: OpenShift Container Platform 4.11.0 bug fix and security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-25009", "CVE-2018-25010", "CVE-2018-25012", "CVE-2018-25013", "CVE-2018-25014", "CVE-2018-25032", "CVE-2019-13750", "CVE-2019-13751", "CVE-2019-17594", "CVE-2019-17595", "CVE-2019-18218", "CVE-2019-19603", "CVE-2019-20838", "CVE-2019-5827", "CVE-2020-13435", "CVE-2020-14155", "CVE-2020-17541", "CVE-2020-19131", "CVE-2020-24370", "CVE-2020-28493", "CVE-2020-35492", "CVE-2020-36330", "CVE-2020-36331", "CVE-2020-36332", "CVE-2021-20095", "CVE-2021-20231", "CVE-2021-20232", "CVE-2021-23177", "CVE-2021-23566", "CVE-2021-23648", "CVE-2021-25219", "CVE-2021-31535", "CVE-2021-31566", "CVE-2021-3481", "CVE-2021-3580", "CVE-2021-36084", "CVE-2021-36085", "CVE-2021-36086", "CVE-2021-36087", "CVE-2021-3634", "CVE-2021-3672", "CVE-2021-3695", "CVE-2021-3696", "CVE-2021-3697", "CVE-2021-3737", "CVE-2021-38185", "CVE-2021-38593", "CVE-2021-40528", "CVE-2021-4115", "CVE-2021-41190", "CVE-2021-4156", "CVE-2021-41617", "CVE-2021-4189", "CVE-2021-42771", "CVE-2021-43527", "CVE-2021-43565", "CVE-2021-43818", "CVE-2021-44225", "CVE-2021-44906", "CVE-2022-0235", "CVE-2022-0778", "CVE-2022-1012", "CVE-2022-1215", "CVE-2022-1271", "CVE-2022-1292", "CVE-2022-1586", "CVE-2022-1621", "CVE-2022-1629", "CVE-2022-1706", "CVE-2022-1729", "CVE-2022-2068", "CVE-2022-2097", "CVE-2022-21698", "CVE-2022-22576", "CVE-2022-23772", "CVE-2022-23773", "CVE-2022-23806", "CVE-2022-24407", "CVE-2022-24675", "CVE-2022-24903", "CVE-2022-24921", "CVE-2022-25313", "CVE-2022-25314", "CVE-2022-26691", "CVE-2022-26945", "CVE-2022-27191", "CVE-2022-27774", "CVE-2022-27776", "CVE-2022-27782", "CVE-2022-28327", "CVE-2022-28733", "CVE-2022-28734", "CVE-2022-28735", "CVE-2022-28736", "CVE-2022-28737", "CVE-2022-29162", "CVE-2022-29810", "CVE-2022-29824", "CVE-2022-30321", "CVE-2022-30322", "CVE-2022-30323", "CVE-2022-32250"], "modified": "2022-08-29T01:42:10", "id": "RHSA-2022:5069", "href": "https://access.redhat.com/errata/RHSA-2022:5069", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "veracode": [{"lastseen": "2022-08-13T01:25:17", "description": "policykit-1:sid is vulnerable to denial of service. Lack of proper handling of call returns causes the process file descriptor exhaustion.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-02-21T15:47:54", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4115"], "modified": "2022-08-09T06:22:11", "id": "VERACODE:34333", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-34333/summary", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}], "altlinux": [{"lastseen": "2022-06-10T03:04:27", "description": "0.120-alt1.qa2 built May 6, 2022 Sergey V Turchin in task [#299494](<https://git.altlinux.org/tasks/299494/>) \n--- \nFeb. 28, 2022 Yuri N. Sedunov \n \n \n - upplied upstream fix for CVE-2021-4115 (GHSL-2021-077)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-05-06T00:00:00", "type": "altlinux", "title": "Security fix for the ALT Linux 10 package polkit version 0.120-alt1.qa2", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4115"], "modified": "2022-05-06T00:00:00", "id": "28340433AB5B58C94A1D269C71CEDAF6", "href": "https://packages.altlinux.org/en/p10/srpms/polkit/2774777377783185460", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}], "redhatcve": [{"lastseen": "2023-07-29T17:42:10", "description": "There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being spawned.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-02-14T13:37:16", "type": "redhatcve", "title": "CVE-2021-4115", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4115"], "modified": "2023-07-28T14:48:49", "id": "RH:CVE-2021-4115", "href": "https://access.redhat.com/security/cve/cve-2021-4115", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}], "rocky": [{"lastseen": "2023-07-24T17:24:53", "description": "An update is available for polkit.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list\nThe polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones.\n\nSecurity Fix(es):\n\n* polkit: file descriptor leak allows an unprivileged user to cause a crash (CVE-2021-4115)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-04-26T13:49:20", "type": "rocky", "title": "polkit security update", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4115"], "modified": "2022-04-26T13:49:20", "id": "RLSA-2022:1546", "href": "https://errata.rockylinux.org/RLSA-2022:1546", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}], "oraclelinux": [{"lastseen": "2022-04-27T19:31:45", "description": "[0.115-13.0.1.el8_5.2]\n- Increase timeout to avoid defunct processes [Orabug: 26930744]\n[0.115-13.el8_5.2]\n- necessary version bump due to build versioning\n- Resolves: CVE-2021-4115", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-04-27T00:00:00", "type": "oraclelinux", "title": "polkit security update", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4115"], "modified": "2022-04-27T00:00:00", "id": "ELSA-2022-1546", "href": "http://linux.oracle.com/errata/ELSA-2022-1546.html", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}], "mageia": [{"lastseen": "2023-06-19T16:34:57", "description": "There is a file descriptor leak in polkit, which can enable an unprivileged user to cause polkit to crash, due to file descriptor exhaustion. (CVE-2021-4115) \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-02-22T20:15:16", "type": "mageia", "title": "Updated polkit packages fix security vulnerability\n", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4115"], "modified": "2022-02-22T20:15:16", "id": "MGASA-2022-0080", "href": "https://advisories.mageia.org/MGASA-2022-0080.html", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}], "almalinux": [{"lastseen": "2023-09-27T21:01:03", "description": "The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones.\n\nSecurity Fix(es):\n\n* polkit: file descriptor leak allows an unprivileged user to cause a crash (CVE-2021-4115)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-04-26T13:49:20", "type": "almalinux", "title": "Moderate: polkit security update", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4115"], "modified": "2023-03-13T16:33:23", "id": "ALSA-2022:1546", "href": "https://errata.almalinux.org/8/ALSA-2022-1546.html", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}], "redos": [{"lastseen": "2023-09-08T15:16:22", "description": "A vulnerability in the Polkit library is related to process file descriptor exhaustion in polkit. Exploitation\r\n exploitation of the vulnerability could allow an attacker to perform a denial of service (DoS) attack.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-03-18T00:00:00", "type": "redos", "title": "ROS-20220318-03", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4115"], "modified": "2022-03-18T00:00:00", "id": "ROS-20220318-03", "href": "https://redos.red-soft.ru/support/secure/uyazvimosti/uyazvimost-biblioteki-polkit-cve-2021-4115/", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}], "prion": [{"lastseen": "2023-08-16T07:16:17", "description": "There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being spawned", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-02-21T22:15:00", "type": "prion", "title": "CVE-2021-4115", "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4115"], "modified": "2023-06-12T07:16:00", "id": "PRION:CVE-2021-4115", "href": "https://kb.prio-n.com/vulnerability/CVE-2021-4115", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}], "ubuntu": [{"lastseen": "2023-06-19T15:30:24", "description": "## Releases\n\n * Ubuntu 21.10 \n * Ubuntu 20.04 LTS\n\n## Packages\n\n * policykit-1 \\- framework for managing administrative policies and privileges\n\nKevin Backhouse discovered that PolicyKit incorrectly handled file \ndescriptors. A local attacker could possibly use this issue to cause \nPolicyKit to crash, resulting in a denial of service.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-02-28T00:00:00", "type": "ubuntu", "title": "PolicyKit vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4115"], "modified": "2022-02-28T00:00:00", "id": "USN-5304-1", "href": "https://ubuntu.com/security/notices/USN-5304-1", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}], "suse": [{"lastseen": "2022-04-18T12:39:45", "description": "An update that fixes one vulnerability is now available.\n\nDescription:\n\n This update for polkit fixes the following issues:\n\n - CVE-2021-4115: Fixed a denial of service via file descriptor leak\n (bsc#1195542).\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.4:\n\n zypper in -t patch openSUSE-SLE-15.4-2022-525=1\n\n - openSUSE Leap 15.3:\n\n zypper in -t patch openSUSE-SLE-15.3-2022-525=1", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-02-21T00:00:00", "type": "suse", "title": "Security update for polkit (moderate)", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4115"], "modified": "2022-02-21T00:00:00", "id": "OPENSUSE-SU-2022:0525-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/D6R7S5GYVKZ4LZLTJ5KNEDZRGJISXBAZ/", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}], "ubuntucve": [{"lastseen": "2023-06-29T13:39:46", "description": "There is a flaw in polkit which can allow an unprivileged user to cause\npolkit to crash, due to process file descriptor exhaustion. The highest\nthreat from this vulnerability is to availability. NOTE: Polkit process\noutage duration is tied to the failing process being reaped and a new one\nbeing spawned\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | Introduced by backported patch in focal+: PolkitSystemBusName-Retrieve-both-pid-and-uid.patch\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-02-14T00:00:00", "type": "ubuntucve", "title": "CVE-2021-4115", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4115"], "modified": "2022-02-14T00:00:00", "id": "UB:CVE-2021-4115", "href": "https://ubuntu.com/security/CVE-2021-4115", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}], "debiancve": [{"lastseen": "2023-06-19T15:24:18", "description": "There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being spawned", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-02-21T22:15:00", "type": "debiancve", "title": "CVE-2021-4115", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4115"], "modified": "2022-02-21T22:15:00", "id": "DEBIANCVE:CVE-2021-4115", "href": "https://security-tracker.debian.org/tracker/CVE-2021-4115", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}], "photon": [{"lastseen": "2023-09-30T01:09:48", "description": "Updates of ['python-numpy', 'polkit'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-02-07T00:00:00", "type": "photon", "title": "Important Photon OS Security Update - PHSA-2022-0470", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4115", "CVE-2021-41496"], "modified": "2022-02-07T00:00:00", "id": "PHSA-2022-0470", "href": "https://github.com/vmware/photon/wiki/Security-Update-1.0-470", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-05-12T18:38:56", "description": "Updates of ['polkit', 'vim'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-02-07T00:00:00", "type": "photon", "title": "Important Photon OS Security Update - PHSA-2022-0362", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4115", "CVE-2022-0359", "CVE-2022-0361", "CVE-2022-0408"], "modified": "2022-02-07T00:00:00", "id": "PHSA-2022-0362", "href": "https://github.com/vmware/photon/wiki/Security-Update-3.0-362", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-12T18:53:31", "description": "Updates of ['vim', 'polkit', 'go'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-02-07T00:00:00", "type": "photon", "title": "Important Photon OS Security Update - PHSA-2022-0154", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4115", "CVE-2021-44716", "CVE-2021-44717", "CVE-2022-0359", "CVE-2022-0361", "CVE-2022-0408"], "modified": "2022-02-07T00:00:00", "id": "PHSA-2022-0154", "href": "https://github.com/vmware/photon/wiki/Security-Update-4.0-154", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-07-29T18:54:00", "description": "Updates of ['go', 'linux-aws', 'linux', 'polkit', 'linux-esx', 'apache-tomcat', 'linux-secure'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-07T00:00:00", "type": "photon", "title": "Important Photon OS Security Update - PHSA-2022-0440", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4115", "CVE-2021-44716", "CVE-2021-44717", "CVE-2022-0435", "CVE-2022-0492", "CVE-2022-23181"], "modified": "2022-02-07T00:00:00", "id": "PHSA-2022-0440", "href": "https://github.com/vmware/photon/wiki/Security-Update-2.0-440", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-09-29T06:31:53", "description": "Updates of ['go', 'apache-tomcat', 'vim', 'polkit'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-02-17T00:00:00", "type": "photon", "title": "Important Photon OS Security Update - PHSA-2022-4.0-0154", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4115", "CVE-2021-44716", "CVE-2021-44717", "CVE-2022-0359", "CVE-2022-0361", "CVE-2022-0408", "CVE-2022-23181"], "modified": "2022-02-17T00:00:00", "id": "PHSA-2022-4.0-0154", "href": "https://github.com/vmware/photon/wiki/Security-Update-4.0-154", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-09-29T07:52:16", "description": "Updates of ['linux-esx', 'linux-rt', 'linux', 'vim', 'polkit', 'linux-secure', 'linux-aws'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-02-17T00:00:00", "type": "photon", "title": "Important Photon OS Security Update - PHSA-2022-3.0-0362", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-36516", "CVE-2021-4115", "CVE-2021-4173", "CVE-2021-43976", "CVE-2022-0359", "CVE-2022-0361", "CVE-2022-0408", "CVE-2022-0487", "CVE-2022-0617", "CVE-2022-1678", "CVE-2022-24959"], "modified": "2022-02-17T00:00:00", "id": "PHSA-2022-3.0-0362", "href": "https://github.com/vmware/photon/wiki/Security-Update-3.0-362", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "archlinux": [{"lastseen": "2023-09-20T02:58:51", "description": "Arch Linux Security Advisory ASA-202204-2\n=========================================\n\nSeverity: High\nDate : 2022-04-04\nCVE-ID : CVE-2021-4034 CVE-2021-4115\nPackage : polkit\nType : multiple issues\nRemote : No\nLink : https://security.archlinux.org/AVG-2654\n\nSummary\n=======\n\nThe package polkit before version 0.120-5 is vulnerable to multiple\nissues including privilege escalation and denial of service.\n\nResolution\n==========\n\nUpgrade to 0.120-5.\n\n# pacman -Syu \"polkit>=0.120-5\"\n\nThe problems have been fixed upstream but no release is available yet.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\n- CVE-2021-4034 (privilege escalation)\n\nA local privilege escalation vulnerability was found on polkit's pkexec\nutility. The pkexec application is a setuid tool designed to allow\nunprivileged users to run commands as privileged users according\npredefined policies. The current version of pkexec doesn't handle the\ncalling parameters count correctly and ends trying to execute\nenvironment variables as commands. An attacker can leverage this by\ncrafting environment variables in such a way it'll induce pkexec to\nexecute arbitrary code. When successfully executed the attack can cause\na local privilege escalation given unprivileged users administrative\nrights on the target machine.\n\n- CVE-2021-4115 (denial of service)\n\nThere is a file descriptor leak in polkit, which can enable an\nunprivileged user to cause polkit to crash, due to file descriptor\nexhaustion.\n\nImpact\n======\n\nA local attacker is able to crash the process or elevate privileges on\nthe affected host.\n\nReferences\n==========\n\nhttps://access.redhat.com/security/cve/CVE-2021-4034\nhttps://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt\nhttps://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683\nhttps://www.openwall.com/lists/oss-security/2022/02/18/5\nhttps://gitlab.freedesktop.org/polkit/polkit/-/issues/141\nhttps://gitlab.freedesktop.org/polkit/polkit/-/commit/41cb093f554da8772362654a128a84dd8a5542a7\nhttps://security.archlinux.org/CVE-2021-4034\nhttps://security.archlinux.org/CVE-2021-4115", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-04-04T00:00:00", "type": "archlinux", "title": "[ASA-202204-2] polkit: multiple issues", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4034", "CVE-2021-4115"], "modified": "2022-04-04T00:00:00", "id": "ASA-202204-2", "href": "https://security.archlinux.org/ASA-202204-2", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "oracle": [{"lastseen": "2023-09-30T02:41:45", "description": "A Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches address vulnerabilities in Oracle code and in third-party components included in Oracle products. These patches are usually cumulative, but each advisory describes only the security patches added since the previous Critical Patch Update Advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security patches. Refer to [\u201cCritical Patch Updates, Security Alerts and Bulletins\u201d](<https://www.oracle.com/security-alerts/>) for information about Oracle Security advisories. \n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released security patches. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update security patches without delay.**\n\nThis Critical Patch Update contains 349 new security patches across the product families listed below. Please note that an MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ July 2022 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/rs?type=doc&id=2880220.1>).\n\n**Please note that since the release of the April 2022 Critical Patch Update, Oracle has released a Security Alert for Oracle E-Business Suite [CVE-2022-21500 (May 19, 2022)](<https://www.oracle.com/security-alerts/alert-cve-2022-21500.html>). Customers are strongly advised to apply the July 2022 Critical Patch Update for Oracle E-Business Suite, which includes patches for this Alert as well as additional patches.**\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-07-19T00:00:00", "type": "oracle", "title": "Oracle Critical Patch Update Advisory - July 2022", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1259", "CVE-2018-1273", "CVE-2018-1274", "CVE-2018-18074", "CVE-2018-25032", "CVE-2018-8032", "CVE-2019-0219", "CVE-2019-0220", "CVE-2019-0227", "CVE-2019-10082", "CVE-2019-10086", "CVE-2019-17495", "CVE-2019-17571", "CVE-2019-20916", "CVE-2019-9636", "CVE-2019-9740", "CVE-2020-0404", "CVE-2020-10683", "CVE-2020-11022", "CVE-2020-11023", "CVE-2020-11987", "CVE-2020-13974", "CVE-2020-14343", "CVE-2020-1747", "CVE-2020-17521", "CVE-2020-1927", "CVE-2020-25649", "CVE-2020-26137", "CVE-2020-26184", "CVE-2020-26185", "CVE-2020-26237", "CVE-2020-27619", "CVE-2020-27820", "CVE-2020-28052", "CVE-2020-28491", "CVE-2020-28500", "CVE-2020-29396", "CVE-2020-29505", "CVE-2020-29506", "CVE-2020-29507", "CVE-2020-29508", "CVE-2020-29651", "CVE-2020-35163", "CVE-2020-35164", "CVE-2020-35166", "CVE-2020-35167", "CVE-2020-35168", "CVE-2020-35169", "CVE-2020-35490", "CVE-2020-35491", "CVE-2020-35728", "CVE-2020-36179", "CVE-2020-36180", "CVE-2020-36181", "CVE-2020-36182", "CVE-2020-36183", "CVE-2020-36184", "CVE-2020-36185", "CVE-2020-36186", "CVE-2020-36187", "CVE-2020-36188", "CVE-2020-36189", "CVE-2020-36518", "CVE-2020-4788", "CVE-2020-5258", "CVE-2020-5397", "CVE-2020-5398", "CVE-2020-7656", "CVE-2020-7712", "CVE-2020-9484", "CVE-2020-9492", "CVE-2021-20322", "CVE-2021-21781", "CVE-2021-22118", "CVE-2021-22119", "CVE-2021-22931", "CVE-2021-22939", "CVE-2021-22940", "CVE-2021-22946", "CVE-2021-22947", "CVE-2021-23337", "CVE-2021-23450", "CVE-2021-2351", "CVE-2021-23926", "CVE-2021-26291", "CVE-2021-29154", "CVE-2021-29425", "CVE-2021-29505", "CVE-2021-29921", "CVE-2021-30129", "CVE-2021-31684", "CVE-2021-3177", "CVE-2021-31805", "CVE-2021-31811", "CVE-2021-31812", "CVE-2021-33560", "CVE-2021-33813", "CVE-2021-34141", "CVE-2021-34429", "CVE-2021-3449", "CVE-2021-3450", "CVE-2021-35043", "CVE-2021-35515", "CVE-2021-35516", "CVE-2021-35517", "CVE-2021-3572", "CVE-2021-35940", "CVE-2021-36090", "CVE-2021-3612", "CVE-2021-36373", "CVE-2021-36374", "CVE-2021-3672", "CVE-2021-37136", "CVE-2021-37137", "CVE-2021-37159", "CVE-2021-3737", "CVE-2021-3743", "CVE-2021-3744", "CVE-2021-3749", "CVE-2021-3752", "CVE-2021-37714", "CVE-2021-3772", "CVE-2021-3773", "CVE-2021-37750", "CVE-2021-38153", "CVE-2021-38296", "CVE-2021-38604", "CVE-2021-39139", "CVE-2021-39140", "CVE-2021-39141", "CVE-2021-39144", "CVE-2021-39145", "CVE-2021-39146", "CVE-2021-39147", "CVE-2021-39148", "CVE-2021-39149", "CVE-2021-39150", "CVE-2021-39151", "CVE-2021-39152", "CVE-2021-39153", "CVE-2021-39154", "CVE-2021-4002", "CVE-2021-40690", "CVE-2021-4083", "CVE-2021-4104", "CVE-2021-4115", "CVE-2021-41182", "CVE-2021-41183", "CVE-2021-41184", "CVE-2021-41303", "CVE-2021-41495", "CVE-2021-41496", "CVE-2021-4157", "CVE-2021-4160", "CVE-2021-41617", "CVE-2021-41771", "CVE-2021-41772", "CVE-2021-4197", "CVE-2021-4203", "CVE-2021-42340", "CVE-2021-42575", "CVE-2021-42739", "CVE-2021-43389", "CVE-2021-43396", "CVE-2021-43797", "CVE-2021-43818", "CVE-2021-43859", "CVE-2021-43976", "CVE-2021-44531", "CVE-2021-44532", "CVE-2021-44533", "CVE-2021-44832", "CVE-2021-45485", "CVE-2021-45486", "CVE-2021-45943", "CVE-2022-0001", "CVE-2022-0002", "CVE-2022-0286", "CVE-2022-0322", "CVE-2022-0778", "CVE-2022-0839", "CVE-2022-1011", "CVE-2022-1154", "CVE-2022-1271", "CVE-2022-1292", "CVE-2022-21428", "CVE-2022-21429", "CVE-2022-21432", "CVE-2022-21439", "CVE-2022-21455", "CVE-2022-21500", "CVE-2022-21508", "CVE-2022-21509", "CVE-2022-21510", "CVE-2022-21511", "CVE-2022-21512", "CVE-2022-21513", "CVE-2022-21514", "CVE-2022-21515", "CVE-2022-21516", "CVE-2022-21517", "CVE-2022-21518", "CVE-2022-21519", "CVE-2022-21520", "CVE-2022-21521", "CVE-2022-21522", "CVE-2022-21523", "CVE-2022-21524", "CVE-2022-21525", "CVE-2022-21526", "CVE-2022-21527", "CVE-2022-21528", "CVE-2022-21529", "CVE-2022-21530", "CVE-2022-21531", "CVE-2022-21532", "CVE-2022-21533", "CVE-2022-21534", "CVE-2022-21535", "CVE-2022-21536", "CVE-2022-21537", "CVE-2022-21538", "CVE-2022-21539", "CVE-2022-21540", "CVE-2022-21541", "CVE-2022-21542", "CVE-2022-21543", "CVE-2022-21544", "CVE-2022-21545", "CVE-2022-21547", "CVE-2022-21548", "CVE-2022-21549", "CVE-2022-21550", "CVE-2022-21551", "CVE-2022-21552", "CVE-2022-21553", "CVE-2022-21554", "CVE-2022-21555", "CVE-2022-21556", "CVE-2022-21557", "CVE-2022-21558", "CVE-2022-21559", "CVE-2022-21560", "CVE-2022-21561", "CVE-2022-21562", "CVE-2022-21563", "CVE-2022-21564", "CVE-2022-21565", "CVE-2022-21566", "CVE-2022-21567", "CVE-2022-21568", "CVE-2022-21569", "CVE-2022-21570", "CVE-2022-21571", "CVE-2022-21572", "CVE-2022-21573", "CVE-2022-21574", "CVE-2022-21575", "CVE-2022-21576", "CVE-2022-21577", "CVE-2022-21578", "CVE-2022-21579", "CVE-2022-21580", "CVE-2022-21581", "CVE-2022-21582", "CVE-2022-21583", "CVE-2022-21584", "CVE-2022-21585", "CVE-2022-21586", "CVE-2022-21824", "CVE-2022-22720", "CVE-2022-22721", "CVE-2022-22946", "CVE-2022-22947", "CVE-2022-22963", "CVE-2022-22965", "CVE-2022-22968", "CVE-2022-22969", "CVE-2022-22970", "CVE-2022-22971", "CVE-2022-22976", "CVE-2022-22978", "CVE-2022-23181", "CVE-2022-23218", "CVE-2022-23219", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307", "CVE-2022-23308", "CVE-2022-23437", "CVE-2022-23457", "CVE-2022-23632", "CVE-2022-23772", "CVE-2022-23773", "CVE-2022-23806", "CVE-2022-24329", "CVE-2022-24407", "CVE-2022-24728", "CVE-2022-24729", "CVE-2022-24735", "CVE-2022-24736", "CVE-2022-24801", "CVE-2022-24823", "CVE-2022-24839", "CVE-2022-24891", "CVE-2022-25169", "CVE-2022-25636", "CVE-2022-25647", "CVE-2022-25762", "CVE-2022-25845", "CVE-2022-27778", "CVE-2022-29577", "CVE-2022-29824", "CVE-2022-29885", "CVE-2022-30126", "CVE-2022-34169"], "modified": "2022-10-31T00:00:00", "id": "ORACLE:CPUJUL2022", "href": "https://www.oracle.com/security-alerts/cpujul2022.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "avleonov": [{"lastseen": "2023-08-30T12:44:33", "description": "Hello everyone! Great news for my open source [Scanvus](<https://github.com/leonov-av/scanvus>) project! You can now perform vulnerability checks on Linux hosts and docker images not only using the [Vulners.com API](<https://vulners.com/docs/API_wrapper/linux_audit/>), but also with the [Vulns.io VM API](<https://vulns.io/>). It&#x27;s especially nice that all the code to support the new API was written and contributed by colleagues from Vulns.io. I just had to do the final test. Many thanks to them for this!\n\nAlternative video link (for Russia): <https://vk.com/video-149273431_456239113>\n\n## How can the support of these two APIs in Scanvus be useful?\n\n 1. Now there is no binding to one vendor. Choose which service and price you prefer.\n 2. The set of supported operating systems varies between Vulners.com and Vulns.io. If a particular Linux distribution is not supported by one vendor, it may be supported by another vendor.\n 3. Vulners and Vulns.io implemented vulnerability checks independently of each other. If the results differ when scanning the same host/image, then implementation errors will be clearly visible.\n 4. Scanvus is released under the MIT license, so you can use it as an example of working with the Vulners.com and Vulns.io APIs and use this code in your projects.\n\n## How to use it?\n\nBasically, everything works exactly the same. You only need to specify the API you want to use in the -audit-service parameter. This can be &quot;vulners&quot; (default) or &quot;vulnsio&quot;.\n\n### Localhost\n\nTo begin, I scanned my localhost. This is a completely updated Ubuntu host. Vulners and Vulns.io did not detect security bulletin vulnerabilities there. And this is correct.\n\nVulners did not detect any vulnerabilities at all.\n \n \n $ python3.8 scanvus.py --audit-service vulners --assessment-type localhost\n /$$$$$$$ /$$$$$$$ /$$$$$$ /$$$$$$$ /$$ /$$/$$ /$$ /$$$$$$$\n /$$_____/ /$$_____/ |____ $$| $$__ $$| $$ /$$/ $$ | $$ /$$_____/\n | $$$$$$ | $$ /$$$$$$$| $$ \\ $$ \\ $$/$$/| $$ | $$| $$$$$$ \n \\____ $$| $$ /$$__ $$| $$ | $$ \\ $$$/ | $$ | $$ \\____ $$\n /$$$$$$$/| $$$$$$$| $$$$$$$| $$ | $$ \\ $/ | $$$$$$/ /$$$$$$$/\n |_______/ \\_______/ \\_______/|__/ |__/ \\_/ \\______/ |_______/ \n Getting assessment target...\n assessment_type: localhost\n host: localhost\n Getting OS inventory data...\n os_name: ubuntu\n os_version: 20.04\n package_list_len: 2899\n Getting vulnerability data...\n Getting vulnerability report...\n -------------\n Vulnerability Report for localhost (localhost, ubuntu 20.04, linux kernel 5.4.0-135-generic, 2899 packages)\n 0 vulnerabilities were found\n \n\nAnd Vulns.io detected some vulnerabilities.\n \n \n $ python3.8 scanvus.py --audit-service vulnsio --assessment-type localhost\n /$$$$$$$ /$$$$$$$ /$$$$$$ /$$$$$$$ /$$ /$$/$$ /$$ /$$$$$$$\n /$$_____/ /$$_____/ |____ $$| $$__ $$| $$ /$$/ $$ | $$ /$$_____/\n | $$$$$$ | $$ /$$$$$$$| $$ \\ $$ \\ $$/$$/| $$ | $$| $$$$$$ \n \\____ $$| $$ /$$__ $$| $$ | $$ \\ $$$/ | $$ | $$ \\____ $$\n /$$$$$$$/| $$$$$$$| $$$$$$$| $$ | $$ \\ $/ | $$$$$$/ /$$$$$$$/\n |_______/ \\_______/ \\_______/|__/ |__/ \\_/ \\______/ |_______/ \n Getting assessment target...\n assessment_type: localhost\n host: localhost\n Getting OS inventory data...\n os_name: ubuntu\n os_version: 20.04\n package_list_len: 2899\n Getting vulnerability data...\n Getting vulnerability report...\n -------------\n Vulnerability Report for localhost (localhost, ubuntu 20.04, linux kernel 5.4.0-135-generic, 2899 packages)\n 3 vulnerabilities with levels ['Medium', 'Critical', 'High'] were found\n +---+----------+-------------+------------------+-------------------------------------------------------------------------------+\n | N | Level | Bulletin | CVE | Proof |\n +---+----------+-------------+------------------+-------------------------------------------------------------------------------+\n | 1 | Critical | no advisory | CVE-2021-21783 | apparmor-2.13.3-7ubuntu5.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2207 | libapparmor1-2.13.3-7ubuntu5.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2020-12390 | libapparmor1-2.13.3-7ubuntu5.1.i386 >= 0:0.0.0 |\n | | | | CVE-2021-3773 | chromium-codecs-ffmpeg-extra-1:85.0.4183.83-0ubuntu0.20.04.2.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-25236 | gstreamer1.0-libav-1.16.2-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-24791 | libqt5webengine-data-5.12.8+dfsg-0ubuntu1.1.all >= 0:0.0.0 |\n | | | | CVE-2019-15232 | libqt5webengine5-5.12.8+dfsg-0ubuntu1.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2020-26972 | libqt5webenginecore5-5.12.8+dfsg-0ubuntu1.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2020-12389 | libqt5webenginewidgets5-5.12.8+dfsg-0ubuntu1.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2042 | firefox-108.0+build2-0ubuntu0.20.04.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2020-13576 | firefox-locale-en-108.0+build2-0ubuntu0.20.04.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-23852 | firefox-locale-ru-108.0+build2-0ubuntu0.20.04.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-1253 | thunderbird-1:102.4.2+build2-0ubuntu0.20.04.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-29462 | thunderbird-gnome-support-1:102.4.2+build2-0ubuntu0.20.04.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-30475 | thunderbird-locale-en-1:102.4.2+build2-0ubuntu0.20.04.1.amd64 >= 0:0.0.0 |\n ...\n \n\nWhy? Because Vulners and Vulns.io work differently. Vulners only detects vulnerabilities mentioned in bulletins, while Vulns.io also shows vulnerabilities for which there are no bulletins and patches that fix the vulnerability. Such vulnerabilities are grouped by severity with &quot;no advisory&quot; instead of a bulletin identifier. Whether you want to see vulnerabilities that you can&#x27;t fix yet is up to you.\n\n### Linux host\n\nNext, I scanned a test upatched Debian 11 host.\n \n \n $ ssh-copy-id -i ~/.ssh/id_rsa.pub vmuser@192.168.56.105\n $ ssh -i ~/.ssh/id_rsa.pub vmuser@192.168.56.105\n\nIn this case, vulnerabilities related to security bulletins were detected. And there are not many of them, so the reports can be easily analyzed manually.\n \n \n $ python3.8 scanvus.py --audit-service \"vulners\" --assessment-type \"remote_ssh\" --host \"192.168.56.105\" --user-name \"vmuser\" --key-path \"/home/alexander/.ssh/id_rsa.pub\"\n /$$$$$$$ /$$$$$$$ /$$$$$$ /$$$$$$$ /$$ /$$/$$ /$$ /$$$$$$$\n /$$_____/ /$$_____/ |____ $$| $$__ $$| $$ /$$/ $$ | $$ /$$_____/\n | $$$$$$ | $$ /$$$$$$$| $$ \\ $$ \\ $$/$$/| $$ | $$| $$$$$$ \n \\____ $$| $$ /$$__ $$| $$ | $$ \\ $$$/ | $$ | $$ \\____ $$\n /$$$$$$$/| $$$$$$$| $$$$$$$| $$ | $$ \\ $/ | $$$$$$/ /$$$$$$$/\n |_______/ \\_______/ \\_______/|__/ |__/ \\_/ \\______/ |_______/ \n Getting assessment target...\n assessment_type: remote_ssh\n host: 192.168.56.105\n user_name: vmuser\n key_path: /home/alexander/.ssh/id_rsa.pub\n Getting OS inventory data...\n os_name: debian\n os_version: 11\n package_list_len: 364\n Getting vulnerability data...\n Getting vulnerability report...\n -------------\n Vulnerability Report for 192.168.56.105 (remote_ssh, debian 11, linux kernel 5.10.0-17-amd64, 364 packages)\n 3 vulnerabilities with levels ['High', 'Medium'] were found\n +---+--------+-------------------------+----------------+------------------------------------------------------------+\n | N | Level | Bulletin | CVE | Proof |\n +---+--------+-------------------------+----------------+------------------------------------------------------------+\n | 1 | High | DEBIAN:DLA-3152-1:9B676 | CVE-2016-10228 | libc-bin 2.31-13+deb11u3 amd64 < 2.31-13+deb11u4 |\n | | | | CVE-2019-19126 | libc6 2.31-13+deb11u3 amd64 < 2.31-13+deb11u4 |\n | | | | CVE-2019-25013 | locales 2.31-13+deb11u3 all < 2.31-13+deb11u4 |\n | | | | CVE-2020-10029 | libc-l10n 2.31-13+deb11u3 all < 2.31-13+deb11u4 |\n | | | | CVE-2020-1752 | |\n | | | | CVE-2020-27618 | |\n | | | | CVE-2020-6096 | |\n | | | | CVE-2021-27645 | |\n | | | | CVE-2021-3326 | |\n | | | | CVE-2021-33574 | |\n | | | | CVE-2021-35942 | |\n | | | | CVE-2021-3999 | |\n | | | | CVE-2022-23218 | |\n | | | | CVE-2022-23219 | |\n +---+--------+-------------------------+----------------+------------------------------------------------------------+\n | 2 | Medium | DEBIAN:DLA-3206-1:5481E | CVE-2019-14870 | krb5-locales 1.18.3-6+deb11u1 all < 1.18.3-6+deb11u3 |\n | | | | CVE-2021-3671 | libkrb5-3 1.18.3-6+deb11u1 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2021-44758 | libk5crypto3 1.18.3-6+deb11u1 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2022-3437 | libkrb5support0 1.18.3-6+deb11u1 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2022-41916 | libgssapi-krb5-2 1.18.3-6+deb11u1 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2022-42898 | |\n | | | | CVE-2022-44640 | |\n +---+--------+-------------------------+----------------+------------------------------------------------------------+\n | 3 | Medium | DEBIAN:DSA-5287-1:12BD4 | CVE-2021-3671 | krb5-locales 1.18.3-6+deb11u1 all < 1.18.3-6+deb11u3 |\n | | | | CVE-2021-44758 | libkrb5-3 1.18.3-6+deb11u1 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2022-3437 | libk5crypto3 1.18.3-6+deb11u1 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2022-41916 | libkrb5support0 1.18.3-6+deb11u1 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2022-42898 | libgssapi-krb5-2 1.18.3-6+deb11u1 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2022-44640 | |\n +---+--------+-------------------------+----------------+------------------------------------------------------------+\n \n \n \n $ python3.8 scanvus.py --audit-service \"vulnsio\" --assessment-type \"remote_ssh\" --host \"192.168.56.105\" --user-name \"vmuser\" --key-path \"/home/alexander/.ssh/id_rsa.pub\"\n /$$$$$$$ /$$$$$$$ /$$$$$$ /$$$$$$$ /$$ /$$/$$ /$$ /$$$$$$$\n /$$_____/ /$$_____/ |____ $$| $$__ $$| $$ /$$/ $$ | $$ /$$_____/\n | $$$$$$ | $$ /$$$$$$$| $$ \\ $$ \\ $$/$$/| $$ | $$| $$$$$$ \n \\____ $$| $$ /$$__ $$| $$ | $$ \\ $$$/ | $$ | $$ \\____ $$\n /$$$$$$$/| $$$$$$$| $$$$$$$| $$ | $$ \\ $/ | $$$$$$/ /$$$$$$$/\n |_______/ \\_______/ \\_______/|__/ |__/ \\_/ \\______/ |_______/ \n Getting assessment target...\n assessment_type: remote_ssh\n host: 192.168.56.105\n user_name: vmuser\n key_path: /home/alexander/.ssh/id_rsa.pub\n Getting OS inventory data...\n os_name: debian\n os_version: 11\n package_list_len: 364\n Getting vulnerability data...\n Getting vulnerability report...\n -------------\n Vulnerability Report for 192.168.56.105 (remote_ssh, debian 11, linux kernel 5.10.0-17-amd64, 364 packages)\n 7 vulnerabilities with levels ['Medium', 'Critical', 'High'] were found\n +---+----------+-------------+------------------+----------------------------------------------------------------+\n | N | Level | Bulletin | CVE | Proof |\n +---+----------+-------------+------------------+----------------------------------------------------------------+\n | 1 | Critical | DSA-5236-1 | CVE-2022-40674 | libexpat1-2.2.10-2+deb11u3.amd64 < 0:2.2.10-2+deb11u4 |\n +---+----------+-------------+------------------+----------------------------------------------------------------+\n | 2 | Critical | no advisory | CVE-2022-23303 | apparmor-2.13.6-10.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-45952 | libapparmor1-2.13.6-10.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-3491 | bluetooth-5.55-3.1.all >= 0:0.0.0 |\n | | | | CVE-2020-27619 | bluez-5.55-3.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-43400 | libbluetooth3-5.55-3.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-29921 | busybox-1:1.30.1-6+b3.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-37454 | dnsmasq-base-2.85-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2019-1010022 | libc-bin-2.31-13+deb11u3.amd64 >= 0:0.0.0 |\n | | | | CVE-2005-2541 | libc-l10n-2.31-13+deb11u3.all >= 0:0.0.0 |\n | | | | CVE-2021-45957 | libc6-2.31-13+deb11u3.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-46908 | locales-2.31-13+deb11u3.all >= 0:0.0.0 |\n | | | | CVE-2021-42377 | libdb5.3-5.3.28+dfsg1-0.8.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-46848 | libpcre2-8-0-10.36-2.amd64 < 0:10.36-2+deb11u1 |\n | | | | CVE-2022-23304 | libpython3.9-minimal-3.9.2-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2019-8457 | libpython3.9-stdlib-3.9.2-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2210 | python3.9-3.9.2-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2042 | python3.9-minimal-3.9.2-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-1586 | libsqlite3-0-3.34.1-3.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-45954 | libtasn1-6-4.16.0-2.amd64 < 0:4.16.0-2+deb11u1 |\n | | | | CVE-2022-1587 | tar-1.34+dfsg-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-45953 | vim-common-2:8.2.2434-3+deb11u1.all >= 0:0.0.0 |\n | | | | CVE-2016-1585 | vim-tiny-2:8.2.2434-3+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-45955 | xxd-2:8.2.2434-3+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-45956 | wpasupplicant-2:2.9.0-21.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-45951 | |\n | | | | CVE-2015-20107 | |\n | | | | CVE-2022-2207 | |\n | | | | CVE-2022-0318 | |\n | | | | CVE-2022-1927 | |\n +---+----------+-------------+------------------+----------------------------------------------------------------+\n | 3 | High | DSA-5207-1 | CVE-2022-26373 | linux-image-5.10.0-16-amd64-5.10.127-2.amd64 < 0:5.10.136-1 |\n | | | | CVE-2022-2585 | |\n | | | | CVE-2022-23816 | |\n | | | | CVE-2022-2588 | |\n | | | | CVE-2022-29901 | |\n | | | | CVE-2022-36946 | |\n | | | | CVE-2022-2586 | |\n | | | | CVE-2022-29900 | |\n | | | | CVE-2022-36879 | |\n +---+----------+-------------+------------------+----------------------------------------------------------------+\n | 4 | High | DSA-5235-1 | CVE-2022-3080 | bind9-dnsutils-1:9.16.27-1~deb11u1.amd64 < 1:9.16.33-1~deb11u1 |\n | | | | CVE-2022-38177 | bind9-host-1:9.16.27-1~deb11u1.amd64 < 1:9.16.33-1~deb11u1 |\n | | | | CVE-2022-2795 | bind9-libs-1:9.16.27-1~deb11u1.amd64 < 1:9.16.33-1~deb11u1 |\n | | | | CVE-2022-38178 | |\n +---+----------+-------------+------------------+----------------------------------------------------------------+\n | 5 | High | no advisory | CVE-2022-1616 | bash-completion-1:2.11-2.all >= 0:0.0.0 |\n | | | | CVE-2022-31782 | bluetooth-5.55-3.1.all >= 0:0.0.0 |\n | | | | CVE-2022-0361 | bluez-5.55-3.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2020-15778 | libbluetooth3-5.55-3.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-3534 | busybox-1:1.30.1-6+b3.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-28831 | cpio-2.13+dfsg-4.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-43680 | dnsmasq-base-2.85-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-43551 | e2fsprogs-1.46.2-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-0629 | libcom-err2-1.46.2-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2284 | libext2fs2-1.46.2-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-4173 | libss2-1.46.2-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-0729 | logsave-1.46.2-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-3999 | grub-common-2.04-20.amd64 < 0:2.06-3~deb11u1 |\n | | | | CVE-2022-2206 | grub-pc-2.04-20.amd64 < 0:2.06-3~deb11u1 |\n | | | | CVE-2021-3903 | grub-pc-bin-2.04-20.amd64 < 0:2.06-3~deb11u1 |\n | | | | CVE-2022-1733 | grub2-common-2.04-20.amd64 < 0:2.06-3~deb11u1 |\n | | | | CVE-2022-1851 | iptables-1.8.7-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2019-19378 | libip4tc2-1.8.7-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2016-9918 | libip6tc2-1.8.7-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-42385 | libxtables12-1.8.7-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2581 | krb5-locales-1.18.3-6+deb11u1.all >= 0:0.0.0 |\n | | | | CVE-2021-42384 | libgssapi-krb5-2-1.18.3-6+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-39537 | libk5crypto3-1.18.3-6+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-42919 | libkrb5-3-1.18.3-6+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-3973 | libkrb5support0-1.18.3-6+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2129 | libbpf0-1:0.3-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-4136 | libc-bin-2.31-13+deb11u3.amd64 >= 0:0.0.0 |\n | | | | CVE-2017-15131 | libc-l10n-2.31-13+deb11u3.all >= 0:0.0.0 |\n | | | | CVE-2022-3176 | libc6-2.31-13+deb11u3.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2344 | locales-2.31-13+deb11u3.all >= 0:0.0.0 |\n | | | | CVE-2021-3697 | libcurl3-gnutls-7.74.0-1.3+deb11u2.amd64 >= 0:0.0.0 |\n | | | | CVE-2017-7246 | libexpat1-2.2.10-2+deb11u3.amd64 < 0:2.2.10-2+deb11u5 |\n | | | | CVE-2020-26560 | libfreetype6-2.10.4+dfsg-1+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2020-26559 | libgcrypt20-1.8.7-6.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-39686 | libjansson4-2.13.1-1.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-1247 | libldap-2.4-2-2.4.57+dfsg-3+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-42382 | libldap-common-2.4.57+dfsg-3+deb11u1.all >= 0:0.0.0 |\n | | | | CVE-2017-17740 | libncurses6-6.2+20201114-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2020-36325 | libncursesw6-6.2+20201114-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2257 | libtinfo6-6.2+20201114-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-1154 | ncurses-base-6.2+20201114-2.all >= 0:0.0.0 |\n | | | | CVE-2022-0392 | ncurses-bin-6.2+20201114-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-3297 | ncurses-term-6.2+20201114-2.all >= 0:0.0.0 |\n | | | | CVE-2021-4192 | libpcre3-2:8.39-13.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2287 | libperl5.32-5.32.1-4+deb11u2.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-0408 | perl-5.32.1-4+deb11u2.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2571 | perl-base-5.32.1-4+deb11u2.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-0393 | perl-modules-5.32-5.32.1-4+deb11u2.all >= 0:0.0.0 |\n | | | | CVE-2022-1619 | libpolkit-agent-1-0-0.105-31+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2017-7245 | libpolkit-gobject-1-0-0.105-31+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2345 | policykit-1-0.105-31+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-1886 | libpython3.9-minimal-3.9.2-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-4204 | libpython3.9-stdlib-3.9.2-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-0943 | python3.9-3.9.2-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2264 | python3.9-minimal-3.9.2-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-0359 | libsqlite3-0-3.34.1-3.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-0572 | linux-image-5.10.0-16-amd64-5.10.127-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-0391 | linux-image-5.10.0-17-amd64-5.10.136-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2017-11164 | linux-image-amd64-5.10.136-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-0413 | login-1:4.8.1-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-3974 | passwd-1:4.8.1-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-1769 | openssh-client-1:8.4p1-5+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-42378 | openssh-server-1:8.4p1-5+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-0554 | openssh-sftp-server-1:8.4p1-5+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2175 | python3-httplib2-0.18.1-3.all >= 0:0.0.0 |\n | | | | CVE-2022-0685 | vim-common-2:8.2.2434-3+deb11u1.all >= 0:0.0.0 |\n | | | | CVE-2022-1621 | vim-tiny-2:8.2.2434-3+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-36690 | xxd-2:8.2.2434-3+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2019-1010023 | xdg-user-dirs-0.17-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2946 | |\n | | | | CVE-2018-20796 | |\n | | | | CVE-2021-38185 | |\n | | | | CVE-2018-6829 | |\n | | | | CVE-2022-3424 | |\n | | | | CVE-2021-21240 | |\n | | | | CVE-2022-1735 | |\n | | | | CVE-2022-0204 | |\n | | | | CVE-2019-9192 | |\n | | | | CVE-2016-9917 | |\n | | | | CVE-2022-2849 | |\n | | | | CVE-2022-2304 | |\n | | | | CVE-2022-0407 | |\n | | | | CVE-2021-3737 | |\n | | | | CVE-2022-2602 | |\n | | | | CVE-2022-1898 | |\n | | | | CVE-2022-2845 | |\n | | | | CVE-2022-0417 | |\n | | | | CVE-2022-1882 | |\n | | | | CVE-2013-7445 | |\n | | | | CVE-2019-20838 | |\n | | | | CVE-2021-42386 | |\n | | | | CVE-2022-2289 | |\n | | | | CVE-2022-1304 | |\n | | | | CVE-2022-2889 | |\n | | | | CVE-2022-1629 | |\n | | | | CVE-2021-41617 | |\n | | | | CVE-2022-2183 | |\n | | | | CVE-2022-0351 | |\n | | | | CVE-2020-11725 | |\n | | | | CVE-2021-4166 | |\n | | | | CVE-2022-2817 | |\n | | | | CVE-2020-26557 | |\n | | | | CVE-2022-29458 | |\n | | | | CVE-2021-3968 | |\n | | | | CVE-2022-25265 | |\n | | | | CVE-2019-19070 | |\n | | | | CVE-2021-4037 | |\n | | | | CVE-2019-12456 | |\n | | | | CVE-2019-19882 | |\n | | | | CVE-2021-33560 | |\n | | | | CVE-2022-2522 | |\n | | | | CVE-2022-2182 | |\n | | | | CVE-2012-2663 | |\n | | | | CVE-2022-1796 | |\n | | | | CVE-2022-2862 | |\n | | | | CVE-2022-2286 | |\n | | | | CVE-2020-16156 | |\n | | | | CVE-2022-1942 | |\n | | | | CVE-2022-1679 | |\n | | | | CVE-2021-26934 | |\n | | | | CVE-2018-1000500 | |\n | | | | CVE-2008-4609 | |\n | | | | CVE-2019-19449 | |\n | | | | CVE-2021-42381 | |\n | | | | CVE-2022-0368 | |\n | | | | CVE-2022-1720 | |\n | | | | CVE-2022-2125 | |\n | | | | CVE-2021-3847 | |\n | | | | CVE-2022-4139 | |\n | | | | CVE-2022-4378 | |\n | | | | CVE-2022-1620 | |\n | | | | CVE-2021-3872 | |\n | | | | CVE-2022-2126 | |\n | | | | CVE-2022-0934 | |\n | | | | CVE-2021-3928 | |\n | | | | CVE-2022-2000 | |\n | | | | CVE-2021-42383 | |\n | | | | CVE-2022-2816 | |\n | | | | CVE-2021-3984 | |\n | | | | CVE-2019-19814 | |\n | | | | CVE-2022-28733 | |\n | | | | CVE-2021-3927 | |\n | | | | CVE-2020-12362 | |\n | | | | CVE-2018-5709 | |\n | | | | CVE-2011-4116 | |\n | | | | CVE-2022-35737 | |\n | | | | CVE-2022-30065 | |\n | | | | CVE-2022-28734 | |\n | | | | CVE-2018-7738 | |\n | | | | CVE-2021-4187 | |\n | | | | CVE-2021-4069 | |\n | | | | CVE-2016-2568 | |\n | | | | CVE-2022-2343 | |\n | | | | CVE-2021-32078 | |\n | | | | CVE-2021-28861 | |\n | | | | CVE-2021-42380 | |\n | | | | CVE-2022-2819 | |\n | | | | CVE-2022-1785 | |\n | | | | CVE-2021-3864 | |\n | | | | CVE-2022-0443 | |\n | | | | CVE-2022-2124 | |\n | | | | CVE-2021-4019 | |\n | | | | CVE-2022-1968 | |\n | | | | CVE-2022-28391 | |\n | | | | CVE-2022-0500 | |\n | | | | CVE-2022-3775 | |\n | | | | CVE-2022-1897 | |\n | | | | CVE-2022-0261 | |\n | | | | CVE-2021-42379 | |\n | | | | CVE-2022-2285 | |\n +---+----------+-------------+------------------+----------------------------------------------------------------+\n | 6 | Medium | DSA-5251-1 | CVE-2022-2929 | isc-dhcp-client-4.4.1-2.3.amd64 < 0:4.4.1-2.3+deb11u1 |\n | | | | CVE-2022-2928 | isc-dhcp-common-4.4.1-2.3.amd64 < 0:4.4.1-2.3+deb11u1 |\n +---+----------+-------------+------------------+----------------------------------------------------------------+\n | 7 | Medium | no advisory | CVE-2019-12380 | avahi-autoipd-0.8-5.amd64 < 0:0.8-5+deb11u1 |\n | | | | CVE-2021-42376 | bash-5.1-2+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2019-16234 | bluetooth-5.55-3.1.all >= 0:0.0.0 |\n | | | | CVE-2022-3586 | bluez-5.55-3.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2008-5367 | libbluetooth3-5.55-3.1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-1674 | bsdextrautils-2.36.1-8+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-31879 | bsdutils-1:2.36.1-8+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2018-15919 | eject-2.36.1-8+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-1771 | fdisk-2.36.1-8+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2020-36516 | libblkid1-2.36.1-8+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-1280 | libfdisk1-2.36.1-8+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-3669 | libmount1-2.36.1-8+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2010-5321 | libsmartcols1-2.36.1-8+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2007-6755 | libuuid1-2.36.1-8+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2020-15719 | mount-2.36.1-8+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-42374 | util-linux-2.36.1-8+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-28736 | busybox-1:1.30.1-6+b3.amd64 >= 0:0.0.0 |\n | | | | CVE-2016-9804 | coreutils-8.32-4+b1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-42375 | grub-common-2.04-20.amd64 < 0:2.06-3~deb11u1 |\n | | | | CVE-2021-3696 | grub-pc-2.04-20.amd64 < 0:2.06-3~deb11u1 |\n | | | | CVE-2018-17977 | grub-pc-bin-2.04-20.amd64 < 0:2.06-3~deb11u1 |\n | | | | CVE-2022-0156 | grub2-common-2.04-20.amd64 < 0:2.06-3~deb11u1 |\n | | | | CVE-2022-3542 | initramfs-tools-0.140.all >= 0:0.0.0 |\n | | | | CVE-2016-9799 | initramfs-tools-core-0.140.all >= 0:0.0.0 |\n | | | | CVE-2011-3389 | krb5-locales-1.18.3-6+deb11u1.all < 0:1.18.3-6+deb11u3 |\n | | | | CVE-2020-26555 | libgssapi-krb5-2-1.18.3-6+deb11u1.amd64 < 0:1.18.3-6+deb11u3 |\n | | | | CVE-2019-16229 | libk5crypto3-1.18.3-6+deb11u1.amd64 < 0:1.18.3-6+deb11u3 |\n | | | | CVE-2020-24504 | libkrb5-3-1.18.3-6+deb11u1.amd64 < 0:1.18.3-6+deb11u3 |\n | | | | CVE-2017-16231 | libkrb5support0-1.18.3-6+deb11u1.amd64 < 0:1.18.3-6+deb11u3 |\n | | | | CVE-2021-4193 | libbpf0-1:0.3-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2874 | libc-bin-2.31-13+deb11u3.amd64 >= 0:0.0.0 |\n | | | | CVE-2012-4542 | libc-l10n-2.31-13+deb11u3.all >= 0:0.0.0 |\n | | | | CVE-2022-3715 | libc6-2.31-13+deb11u3.amd64 >= 0:0.0.0 |\n | | | | CVE-2013-4235 | locales-2.31-13+deb11u3.all >= 0:0.0.0 |\n | | | | CVE-2016-9798 | libcurl3-gnutls-7.74.0-1.3+deb11u2.amd64 >= 0:0.0.0 |\n | | | | CVE-2020-0347 | libexpat1-2.2.10-2+deb11u3.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-22923 | libglib2.0-0-2.66.8-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2017-14159 | libglib2.0-data-2.66.8-1.all >= 0:0.0.0 |\n | | | | CVE-2021-3468 | libgnutls30-3.7.1-5+deb11u2.amd64 >= 0:0.0.0 |\n | | | | CVE-2008-5366 | libldap-2.4-2-2.4.57+dfsg-3+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2012-0039 | libldap-common-2.4.57+dfsg-3+deb11u1.all >= 0:0.0.0 |\n | | | | CVE-2020-14145 | libnss-systemd-247.3-7.amd64 >= 0:0.0.0 |\n | | | | CVE-2017-18018 | libpam-systemd-247.3-7.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-4415 | libsystemd0-247.3-7.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-44879 | libudev1-247.3-7.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-3502 | systemd-247.3-7.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-4095 | systemd-sysv-247.3-7.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-1420 | systemd-timesyncd-247.3-7.amd64 >= 0:0.0.0 |\n | | | | CVE-2016-3709 | udev-247.3-7.amd64 >= 0:0.0.0 |\n | | | | CVE-2019-15794 | libpcre3-2:8.39-13.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-0213 | libpng16-16-1.6.37-3.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-42328 | libpolkit-agent-1-0-0.105-31+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-42329 | libpolkit-gobject-1-0-0.105-31+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-42898 | policykit-1-0.105-31+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2015-3276 | libprotobuf-c1-1.3.3-1+b2.amd64 >= 0:0.0.0 |\n | | | | CVE-2011-4917 | libpython3.9-minimal-3.9.2-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2010-4756 | libpython3.9-stdlib-3.9.2-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-4189 | python3.9-3.9.2-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2019-16233 | python3.9-minimal-3.9.2-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2231 | libsqlite3-0-3.34.1-3.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-4214 | libssl1.1-1.1.1n-0+deb11u3.amd64 >= 0:0.0.0 |\n | | | | CVE-2014-9892 | openssl-1.1.1n-0+deb11u3.amd64 >= 0:0.0.0 |\n | | | | CVE-2008-4677 | libxml2-2.9.10+dfsg-6.7+deb11u2.amd64 >= 0:0.0.0 |\n | | | | CVE-2008-4996 | linux-image-5.10.0-16-amd64-5.10.127-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2020-12364 | linux-image-5.10.0-17-amd64-5.10.136-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2598 | linux-image-amd64-5.10.136-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2017-1000382 | login-1:4.8.1-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-3426 | passwd-1:4.8.1-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2010-0928 | openssh-client-1:8.4p1-5+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-2097 | openssh-server-1:8.4p1-5+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2017-13084 | openssh-sftp-server-1:8.4p1-5+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2008-5135 | os-prober-1.79.amd64 >= 0:0.0.0 |\n | | | | CVE-2016-9803 | ppp-2.4.9-1+1.amd64 >= 0:0.0.0 |\n | | | | CVE-2015-3243 | rsyslog-8.2102.0-2+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2017-0630 | vim-common-2:8.2.2434-3+deb11u1.all >= 0:0.0.0 |\n | | | | CVE-2007-2768 | vim-tiny-2:8.2.2434-3+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-45941 | xxd-2:8.2.2434-3+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2016-10723 | wget-1.21-1+deb11u1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-3857 | wpasupplicant-2:2.9.0-21.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-3658 | |\n | | | | CVE-2020-26142 | |\n | | | | CVE-2022-2208 | |\n | | | | CVE-2022-2873 | |\n | | | | CVE-2021-45346 | |\n | | | | CVE-2022-4662 | |\n | | | | CVE-2022-0714 | |\n | | | | CVE-2021-4023 | |\n | | | | CVE-2007-5686 | |\n | | | | CVE-2019-6129 | |\n | | | | CVE-2022-3061 | |\n | | | | CVE-2022-0171 | |\n | | | | CVE-2020-12363 | |\n | | | | CVE-2022-33070 | |\n | | | | CVE-2017-13694 | |\n | | | | CVE-2021-3714 | |\n | | | | CVE-2022-1184 | |\n | | | | CVE-2020-26143 | |\n | | | | CVE-2019-1010025 | |\n | | | | CVE-2020-13529 | |\n | | | | CVE-2019-16089 | |\n | | | | CVE-2022-0563 | |\n | | | | CVE-2019-15213 | |\n | | | | CVE-2019-12379 | |\n | | | | CVE-2014-9900 | |\n | | | | CVE-2022-2923 | |\n | | | | CVE-2019-5062 | |\n | | | | CVE-2021-30004 | |\n | | | | CVE-2016-9797 | |\n | | | | CVE-2016-9801 | |\n | | | | CVE-2017-13693 | |\n | | | | CVE-2007-2243 | |\n | | | | CVE-2019-6110 | |\n | | | | CVE-2022-0696 | |\n | | | | CVE-2019-12381 | |\n | | | | CVE-2021-4115 | |\n | | | | CVE-2019-16231 | |\n | | | | CVE-2019-12382 | |\n | | | | CVE-2022-3344 | |\n | | | | CVE-2020-14304 | |\n | | | | CVE-2022-23825 | |\n | | | | CVE-2019-12455 | |\n | | | | CVE-2004-0230 | |\n | | | | CVE-2022-3707 | |\n | | | | CVE-2019-16230 | |\n | | | | CVE-2019-1010024 | |\n | | | | CVE-2020-26140 | |\n | | | | CVE-2016-20012 | |\n | | | | CVE-2021-22922 | |\n | | | | CVE-2021-3759 | |\n | | | | CVE-2022-0480 | |\n | | | | CVE-2011-4916 | |\n | | | | CVE-2005-3660 | |\n | | | | CVE-2010-4563 | |\n | | | | CVE-2016-8660 | |\n | | | | CVE-2008-3234 | |\n | | | | CVE-2013-0340 | |\n | | | | CVE-2019-20794 | |\n | | | | CVE-2016-2781 | |\n | | | | CVE-2019-16232 | |\n | | | | CVE-2021-33061 | |\n | | | | CVE-2022-3628 | |\n | | | | CVE-2018-12928 | |\n | | | | CVE-2022-28735 | |\n | | | | CVE-2018-1121 | |\n | | | | CVE-2022-1462 | |\n | | | | CVE-2022-43552 | |\n | | | | CVE-2016-9800 | |\n | | | | CVE-2019-12378 | |\n | | | | CVE-2021-4149 | |\n | | | | CVE-2011-4915 | |\n | | | | CVE-2020-15802 | |\n | | | | CVE-2021-45940 | |\n | | | | CVE-2022-2153 | |\n | | | | CVE-2022-4543 | |\n | | | | CVE-2021-41229 | |\n | | | | CVE-2008-2544 | |\n | | | | CVE-2016-9802 | |\n | | | | CVE-2022-3606 | |\n | | | | CVE-2022-0400 | |\n | | | | CVE-2022-0319 | |\n | | | | CVE-2022-21505 | |\n | | | | CVE-2021-3733 | |\n | | | | CVE-2021-42373 | |\n | | | | CVE-2021-3695 | |\n +---+----------+-------------+------------------+----------------------------------------------------------------+\n \n\nAnd we can see that the APIs returned different detection results for the DSA/DLA bulletins. The intersection of the sets is empty.\n \n \n **Vulners \u2216 VulnsIO:** 3 {'DLA-3206-1', 'DSA-5287-1', 'DLA-3152-1'}\n **Vulners \u2229 VulnsIO:** 0 set()\n **VulnsIO \u2216 Vulners:** 4 {'DSA-5207-1', 'DSA-5235-1', 'DSA-5236-1', 'DSA-5251-1'}\n\nAt the same time, proofs look convincing at first glance. In this episode, I won&#x27;t go into why there is such a difference in Debian vulnerability detection results. Perhaps the answer is in the operation of the API, and perhaps in the collection of data from the host. I think we will solve this with colleagues from Vulners and Vulns.io. I&#x27;m just pointing out again that vulnerability detection is not that easy and it&#x27;s good when you can use several independent detection engines and compare the results.\n\n### Docker image \n\nNext, I check the vulnerabilities for the Docker image. It is also based on Debian 11.\n \n \n $ python3.8 scanvus.py --audit-service vulners --assessment-type \"docker_image\" --docker-image \"python:3.9.6-slim-bullseye\"\n /$$$$$$$ /$$$$$$$ /$$$$$$ /$$$$$$$ /$$ /$$/$$ /$$ /$$$$$$$\n /$$_____/ /$$_____/ |____ $$| $$__ $$| $$ /$$/ $$ | $$ /$$_____/\n | $$$$$$ | $$ /$$$$$$$| $$ \\ $$ \\ $$/$$/| $$ | $$| $$$$$$ \n \\____ $$| $$ /$$__ $$| $$ | $$ \\ $$$/ | $$ | $$ \\____ $$\n /$$$$$$$/| $$$$$$$| $$$$$$$| $$ | $$ \\ $/ | $$$$$$/ /$$$$$$$/\n |_______/ \\_______/ \\_______/|__/ |__/ \\_/ \\______/ |_______/ \n Getting assessment target...\n assessment_type: docker_image\n docker_image: python:3.9.6-slim-bullseye\n Getting OS inventory data...\n os_name: debian\n os_version: 11\n package_list_len: 105\n Getting vulnerability data...\n Getting vulnerability report...\n -------------\n Vulnerability Report for python:3.9.6-slim-bullseye (docker_image, debian 11, linux kernel 5.4.0-135-generic, 105 packages)\n 22 vulnerabilities with levels ['Critical', 'High', 'Medium'] were found\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | N | Level | Bulletin | CVE | Proof |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 1 | Critical | DEBIAN:DLA-2904-1:6B1FD | CVE-2021-45960 | libexpat1 2.2.10-2 amd64 < 2.2.10-2+deb11u1 |\n | | | | CVE-2021-46143 | |\n | | | | CVE-2022-22822 | |\n | | | | CVE-2022-22823 | |\n | | | | CVE-2022-22824 | |\n | | | | CVE-2022-22825 | |\n | | | | CVE-2022-22826 | |\n | | | | CVE-2022-22827 | |\n | | | | CVE-2022-23852 | |\n | | | | CVE-2022-23990 | |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 2 | Critical | DEBIAN:DLA-3008-1:E2717 | CVE-2022-1292 | libssl1.1 1.1.1k-1 amd64 < 1.1.1n-0+deb11u2 |\n | | | | | openssl 1.1.1k-1 amd64 < 1.1.1n-0+deb11u2 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 3 | Critical | DEBIAN:DSA-5073-1:5DBA9 | CVE-2021-45960 | libexpat1 2.2.10-2 amd64 < 2.2.10-2+deb11u1 |\n | | | | CVE-2021-46143 | |\n | | | | CVE-2022-22822 | |\n | | | | CVE-2022-22823 | |\n | | | | CVE-2022-22824 | |\n | | | | CVE-2022-22825 | |\n | | | | CVE-2022-22826 | |\n | | | | CVE-2022-22827 | |\n | | | | CVE-2022-23852 | |\n | | | | CVE-2022-23990 | |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 4 | Critical | DEBIAN:DSA-5139-1:0E208 | CVE-2022-1292 | libssl1.1 1.1.1k-1 amd64 < 1.1.1n-0+deb11u2 |\n | | | | | openssl 1.1.1k-1 amd64 < 1.1.1n-0+deb11u2 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 5 | Critical | DEBIAN:DSA-5169-1:87483 | CVE-2022-2068 | libssl1.1 1.1.1k-1 amd64 < 1.1.1n-0+deb11u3 |\n | | | | | openssl 1.1.1k-1 amd64 < 1.1.1n-0+deb11u3 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 6 | High | DEBIAN:DLA-2935-1:EEAAD | CVE-2022-23852 | libexpat1 2.2.10-2 amd64 < 2.2.10-2+deb11u1 |\n | | | | CVE-2022-25235 | |\n | | | | CVE-2022-25236 | |\n | | | | CVE-2022-25313 | |\n | | | | CVE-2022-25315 | |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 7 | High | DEBIAN:DLA-3022-1:26EFE | CVE-2022-1664 | dpkg 1.20.9 amd64 < 1.20.10 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 8 | High | DEBIAN:DLA-3152-1:9B676 | CVE-2016-10228 | libc-bin 2.31-13 amd64 < 2.31-13+deb11u3 |\n | | | | CVE-2019-19126 | libc6 2.31-13 amd64 < 2.31-13+deb11u3 |\n | | | | CVE-2019-25013 | |\n | | | | CVE-2020-10029 | |\n | | | | CVE-2020-1752 | |\n | | | | CVE-2020-27618 | |\n | | | | CVE-2020-6096 | |\n | | | | CVE-2021-27645 | |\n | | | | CVE-2021-3326 | |\n | | | | CVE-2021-33574 | |\n | | | | CVE-2021-35942 | |\n | | | | CVE-2021-3999 | |\n | | | | CVE-2022-23218 | |\n | | | | CVE-2022-23219 | |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 9 | High | DEBIAN:DSA-4963-1:90BFC | CVE-2021-3711 | libssl1.1 1.1.1k-1 amd64 < 1.1.1k-1+deb11u1 |\n | | | | CVE-2021-3712 | openssl 1.1.1k-1 amd64 < 1.1.1k-1+deb11u1 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 10 | High | DEBIAN:DSA-4963-1:DA7BC | CVE-2021-3711 | libssl1.1 1.1.1k-1 amd64 < 1.1.1k-1+deb11u1 |\n | | | | CVE-2021-3712 | openssl 1.1.1k-1 amd64 < 1.1.1k-1+deb11u1 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 11 | High | DEBIAN:DSA-5085-1:EC5E7 | CVE-2022-25235 | libexpat1 2.2.10-2 amd64 < 2.2.10-2+deb11u2 |\n | | | | CVE-2022-25236 | |\n | | | | CVE-2022-25313 | |\n | | | | CVE-2022-25314 | |\n | | | | CVE-2022-25315 | |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 12 | High | DEBIAN:DSA-5085-2:292DA | CVE-2022-25236 | libexpat1 2.2.10-2 amd64 < 2.2.10-2+deb11u3 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 13 | High | DEBIAN:DSA-5147-1:638F9 | CVE-2022-1664 | dpkg 1.20.9 amd64 < 1.20.10 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 14 | Medium | DEBIAN:DLA-2766-1:9EFDC | CVE-2021-3712 | libssl1.1 1.1.1k-1 amd64 < 1.1.1k-1+deb11u1 |\n | | | | | openssl 1.1.1k-1 amd64 < 1.1.1k-1+deb11u1 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 15 | Medium | DEBIAN:DLA-2771-1:D1964 | CVE-2018-20217 | libk5crypto3 1.18.3-6 amd64 < 1.18.3-6+deb11u1 |\n | | | | CVE-2018-5729 | libkrb5-3 1.18.3-6 amd64 < 1.18.3-6+deb11u1 |\n | | | | CVE-2018-5730 | libgssapi-krb5-2 1.18.3-6 amd64 < 1.18.3-6+deb11u1 |\n | | | | CVE-2021-37750 | libkrb5support0 1.18.3-6 amd64 < 1.18.3-6+deb11u1 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 16 | Medium | DEBIAN:DLA-2774-1:D8CE0 | CVE-2021-3712 | libssl1.1 1.1.1k-1 amd64 < 1.1.1k-1+deb11u1 |\n | | | | | openssl 1.1.1k-1 amd64 < 1.1.1k-1+deb11u1 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 17 | Medium | DEBIAN:DLA-2952-1:7651B | CVE-2019-1551 | libssl1.1 1.1.1k-1 amd64 < 1.1.1k-1+deb11u2 |\n | | | | CVE-2022-0778 | openssl 1.1.1k-1 amd64 < 1.1.1k-1+deb11u2 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 18 | Medium | DEBIAN:DLA-2953-1:551CB | CVE-2022-0778 | libssl1.1 1.1.1k-1 amd64 < 1.1.1k-1+deb11u2 |\n | | | | | openssl 1.1.1k-1 amd64 < 1.1.1k-1+deb11u2 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 19 | Medium | DEBIAN:DLA-3206-1:5481E | CVE-2019-14870 | libk5crypto3 1.18.3-6 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2021-3671 | libkrb5-3 1.18.3-6 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2021-44758 | libgssapi-krb5-2 1.18.3-6 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2022-3437 | libkrb5support0 1.18.3-6 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2022-41916 | |\n | | | | CVE-2022-42898 | |\n | | | | CVE-2022-44640 | |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 20 | Medium | DEBIAN:DSA-5103-1:C47DD | CVE-2021-4160 | libssl1.1 1.1.1k-1 amd64 < 1.1.1k-1+deb11u2 |\n | | | | CVE-2022-0778 | openssl 1.1.1k-1 amd64 < 1.1.1k-1+deb11u2 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 21 | Medium | DEBIAN:DSA-5174-1:32717 | CVE-2022-34903 | gpgv 2.2.27-2 amd64 < 2.2.27-2+deb11u2 |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n | 22 | Medium | DEBIAN:DSA-5287-1:12BD4 | CVE-2021-3671 | libk5crypto3 1.18.3-6 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2021-44758 | libkrb5-3 1.18.3-6 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2022-3437 | libgssapi-krb5-2 1.18.3-6 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2022-41916 | libkrb5support0 1.18.3-6 amd64 < 1.18.3-6+deb11u3 |\n | | | | CVE-2022-42898 | |\n | | | | CVE-2022-44640 | |\n +----+----------+-------------------------+----------------+----------------------------------------------------+\n \n \n \n $ python3.8 scanvus.py --audit-service vulnsio --assessment-type \"docker_image\" --docker-image \"python:3.9.6-slim-bullseye\" \n /$$$$$$$ /$$$$$$$ /$$$$$$ /$$$$$$$ /$$ /$$/$$ /$$ /$$$$$$$\n /$$_____/ /$$_____/ |____ $$| $$__ $$| $$ /$$/ $$ | $$ /$$_____/\n | $$$$$$ | $$ /$$$$$$$| $$ \\ $$ \\ $$/$$/| $$ | $$| $$$$$$ \n \\____ $$| $$ /$$__ $$| $$ | $$ \\ $$$/ | $$ | $$ \\____ $$\n /$$$$$$$/| $$$$$$$| $$$$$$$| $$ | $$ \\ $/ | $$$$$$/ /$$$$$$$/\n |_______/ \\_______/ \\_______/|__/ |__/ \\_/ \\______/ |_______/ \n Getting assessment target...\n assessment_type: docker_image\n docker_image: python:3.9.6-slim-bullseye\n Getting OS inventory data...\n os_name: debian\n os_version: 11\n package_list_len: 105\n Getting vulnerability data...\n Getting vulnerability report...\n -------------\n Vulnerability Report for python:3.9.6-slim-bullseye (docker_image, debian 11, linux kernel 5.4.0-135-generic, 105 packages)\n 19 vulnerabilities with levels ['Critical', 'High', 'Medium'] were found\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | N | Level | Bulletin | CVE | Proof |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 1 | Critical | DSA-4963-1 | CVE-2021-3711 | libssl1.1-1.1.1k-1.amd64 < 0:1.1.1k-1+deb11u1 |\n | | | | CVE-2021-3712 | openssl-1.1.1k-1.amd64 < 0:1.1.1k-1+deb11u1 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 2 | Critical | DSA-5073-1 | CVE-2022-23852 | libexpat1-2.2.10-2.amd64 < 0:2.2.10-2+deb11u1 |\n | | | | CVE-2022-23990 | |\n | | | | CVE-2021-46143 | |\n | | | | CVE-2022-22824 | |\n | | | | CVE-2022-22827 | |\n | | | | CVE-2021-45960 | |\n | | | | CVE-2022-22822 | |\n | | | | CVE-2022-22825 | |\n | | | | CVE-2022-22823 | |\n | | | | CVE-2022-22826 | |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 3 | Critical | DSA-5085-1 | CVE-2022-25236 | libexpat1-2.2.10-2.amd64 < 0:2.2.10-2+deb11u2 |\n | | | | CVE-2022-25314 | |\n | | | | CVE-2022-25235 | |\n | | | | CVE-2022-25315 | |\n | | | | CVE-2022-25313 | |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 4 | Critical | DSA-5139-1 | CVE-2022-1292 | libssl1.1-1.1.1k-1.amd64 < 0:1.1.1n-0+deb11u2 |\n | | | | | openssl-1.1.1k-1.amd64 < 0:1.1.1n-0+deb11u2 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 5 | Critical | DSA-5147-1 | CVE-2022-1664 | dpkg-1.20.9.amd64 < 0:1.20.10 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 6 | Critical | DSA-5169-1 | CVE-2022-2068 | libssl1.1-1.1.1k-1.amd64 < 0:1.1.1n-0+deb11u3 |\n | | | | | openssl-1.1.1k-1.amd64 < 0:1.1.1n-0+deb11u3 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 7 | Critical | DSA-5218-1 | CVE-2022-37434 | zlib1g-1:1.2.11.dfsg-2.amd64 < 1:1.2.11.dfsg-2+deb11u2 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 8 | Critical | DSA-5236-1 | CVE-2022-40674 | libexpat1-2.2.10-2.amd64 < 0:2.2.10-2+deb11u4 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 9 | Critical | no advisory | CVE-2022-23218 | libc-bin-2.31-13.amd64 < 0:2.31-13+deb11u3 |\n | | | | CVE-2022-46908 | libc6-2.31-13.amd64 < 0:2.31-13+deb11u3 |\n | | | | CVE-2019-1010022 | libdb5.3-5.3.28+dfsg1-0.8.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-23219 | libpcre2-8-0-10.36-2.amd64 < 0:10.36-2+deb11u1 |\n | | | | CVE-2019-8457 | libsqlite3-0-3.34.1-3.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-33574 | libtasn1-6-4.16.0-2.amd64 < 0:4.16.0-2+deb11u1 |\n | | | | CVE-2005-2541 | tar-1.34+dfsg-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-1587 | |\n | | | | CVE-2022-1586 | |\n | | | | CVE-2021-46848 | |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 10 | High | DSA-5103-1 | CVE-2022-0778 | libssl1.1-1.1.1k-1.amd64 < 0:1.1.1k-1+deb11u2 |\n | | | | CVE-2021-4160 | openssl-1.1.1k-1.amd64 < 0:1.1.1k-1+deb11u2 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 11 | High | DSA-5111-1 | CVE-2018-25032 | zlib1g-1:1.2.11.dfsg-2.amd64 < 1:1.2.11.dfsg-2+deb11u1 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 12 | High | DSA-5122-1 | CVE-2022-1271 | gzip-1.10-4.amd64 < 0:1.10-4+deb11u1 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 13 | High | DSA-5123-1 | CVE-2022-1271 | liblzma5-5.2.5-2.amd64 < 0:5.2.5-2.1~deb11u1 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 14 | High | DSA-5200-1 | CVE-2021-46828 | libtirpc-common-1.3.1-1.all < 0:1.3.1-1+deb11u1 |\n | | | | | libtirpc3-1.3.1-1.amd64 < 0:1.3.1-1+deb11u1 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 15 | High | DSA-5203-1 | CVE-2022-2509 | libgnutls30-3.7.1-5.amd64 < 0:3.7.1-5+deb11u2 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 16 | High | no advisory | CVE-2022-29458 | e2fsprogs-1.46.2-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2018-6829 | libcom-err2-1.46.2-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-43618 | libext2fs2-1.46.2-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2019-20838 | libss2-1.46.2-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-36690 | logsave-1.46.2-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2019-19882 | libc-bin-2.31-13.amd64 < 0:2.31-13+deb11u3 |\n | | | | CVE-2011-4116 | libc6-2.31-13.amd64 < 0:2.31-13+deb11u3 |\n | | | | CVE-2022-1304 | libexpat1-2.2.10-2.amd64 < 0:2.2.10-2+deb11u5 |\n | | | | CVE-2017-7246 | libgcrypt20-1.8.7-6.amd64 >= 0:0.0.0 |\n | | | | CVE-2018-20796 | libgmp10-2:6.2.1+dfsg-1.amd64 < 2:6.2.1+dfsg-1+deb11u1 |\n | | | | CVE-2019-1010023 | libgssapi-krb5-2-1.18.3-6.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-39537 | libk5crypto3-1.18.3-6.amd64 >= 0:0.0.0 |\n | | | | CVE-2020-16156 | libkrb5-3-1.18.3-6.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-43680 | libkrb5support0-1.18.3-6.amd64 >= 0:0.0.0 |\n | | | | CVE-2018-5709 | libncursesw6-6.2+20201114-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2019-9192 | libtinfo6-6.2+20201114-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-3999 | ncurses-base-6.2+20201114-2.all >= 0:0.0.0 |\n | | | | CVE-2017-7245 | ncurses-bin-6.2+20201114-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2017-11164 | libpcre3-2:8.39-13.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-35737 | libsqlite3-0-3.34.1-3.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-43396 | login-1:4.8.1-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-33560 | passwd-1:4.8.1-1.amd64 >= 0:0.0.0 |\n | | | | | perl-base-5.32.1-4+deb11u1.amd64 >= 0:0.0.0 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 17 | Medium | DSA-5055-1 | CVE-2021-3996 | bsdutils-1:2.36.1-8.amd64 < 0:2.36.1-8+deb11u1 |\n | | | | CVE-2021-3995 | libblkid1-2.36.1-8.amd64 < 0:2.36.1-8+deb11u1 |\n | | | | | libmount1-2.36.1-8.amd64 < 0:2.36.1-8+deb11u1 |\n | | | | | libsmartcols1-2.36.1-8.amd64 < 0:2.36.1-8+deb11u1 |\n | | | | | libuuid1-2.36.1-8.amd64 < 0:2.36.1-8+deb11u1 |\n | | | | | mount-2.36.1-8.amd64 < 0:2.36.1-8+deb11u1 |\n | | | | | util-linux-2.36.1-8.amd64 < 0:2.36.1-8+deb11u1 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 18 | Medium | DSA-5174-1 | CVE-2022-34903 | gpgv-2.2.27-2.amd64 < 0:2.2.27-2+deb11u2 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n | 19 | Medium | no advisory | CVE-2022-2097 | bash-5.1-2+b3.amd64 >= 0:0.0.0 |\n | | | | CVE-2013-4235 | bsdutils-1:2.36.1-8.amd64 >= 0:0.0.0 |\n | | | | CVE-2019-1010024 | libblkid1-2.36.1-8.amd64 >= 0:0.0.0 |\n | | | | CVE-2010-0928 | libmount1-2.36.1-8.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-4209 | libsmartcols1-2.36.1-8.amd64 >= 0:0.0.0 |\n | | | | CVE-2016-2781 | libuuid1-2.36.1-8.amd64 >= 0:0.0.0 |\n | | | | CVE-2017-16231 | mount-2.36.1-8.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-42898 | util-linux-2.36.1-8.amd64 >= 0:0.0.0 |\n | | | | CVE-2017-18018 | coreutils-8.32-4+b1.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-45346 | libc-bin-2.31-13.amd64 >= 0:0.0.0 |\n | | | | CVE-2021-37750 | libc6-2.31-13.amd64 >= 0:0.0.0 |\n | | | | CVE-2007-6755 | libexpat1-2.2.10-2.amd64 >= 0:0.0.0 |\n | | | | CVE-2010-4756 | libgnutls30-3.7.1-5.amd64 >= 0:0.0.0 |\n | | | | CVE-2013-0340 | libgssapi-krb5-2-1.18.3-6.amd64 < 0:1.18.3-6+deb11u1 |\n | | | | CVE-2021-3997 | libk5crypto3-1.18.3-6.amd64 < 0:1.18.3-6+deb11u1 |\n | | | | CVE-2011-3389 | libkrb5-3-1.18.3-6.amd64 < 0:1.18.3-6+deb11u1 |\n | | | | CVE-2022-3715 | libkrb5support0-1.18.3-6.amd64 < 0:1.18.3-6+deb11u1 |\n | | | | CVE-2022-0563 | libpcre3-2:8.39-13.amd64 >= 0:0.0.0 |\n | | | | CVE-2020-13529 | libsqlite3-0-3.34.1-3.amd64 >= 0:0.0.0 |\n | | | | CVE-2022-4415 | libssl1.1-1.1.1k-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2019-1010025 | openssl-1.1.1k-1.amd64 >= 0:0.0.0 |\n | | | | CVE-2007-5686 | libsystemd0-247.3-6.amd64 < 0:247.3-7 |\n | | | | | libudev1-247.3-6.amd64 < 0:247.3-7 |\n | | | | | login-1:4.8.1-1.amd64 >= 0:0.0.0 |\n | | | | | passwd-1:4.8.1-1.amd64 >= 0:0.0.0 |\n +----+----------+-------------+------------------+--------------------------------------------------------+\n \n\nIn this case, more vulnerabilities were detected. We can also see a big difference in the results, but there is already some intersection of the sets.\n \n \n **Vulners \u2216 VulnsIO:** 13 {'DSA-5287-1', 'DLA-2771-1', 'DLA-2904-1', 'DLA-3022-1', 'DLA-3206-1', 'DLA-2766-1', 'DLA-2935-1', 'DLA-2774-1', 'DLA-3008-1', 'DLA-3152-1', 'DLA-2953-1', 'DSA-5085-2', 'DLA-2952-1'}\n **Vulners \u2229 VulnsIO:** 8 {'DSA-5147-1', 'DSA-5073-1', 'DSA-5174-1', 'DSA-4963-1', 'DSA-5169-1', 'DSA-5139-1', 'DSA-5085-1', 'DSA-5103-1'}\n **VulnsIO \u2216 Vulners:** 8 {'DSA-5111-1', 'DSA-5055-1', 'DSA-5123-1', 'DSA-5122-1', 'DSA-5236-1', 'DSA-5203-1', 'DSA-5218-1', 'DSA-5200-1'}\n\nWe can look at one bulletin that was detected by two APIs.\n\nVulners:\n \n \n | 13 | High | DEBIAN:DSA-5147-1:638F9 | CVE-2022-1664 | dpkg 1.20.9 amd64 < 1.20.10 |\n\nVulns.io:\n \n \n | 5 | Critical | DSA-5147-1 | CVE-2022-1664 | dpkg-1.20.9.amd64 < 0:1.20.10 |\n\nAs you can see from the proofs, the detection criteria are the same. And this is good. I would also like to draw attention to the different values of the criticality level for the bulletin. [Debian does not provide](<https://www.debian.org/security/2022/dsa-5147>) a this criticality level, apparently it is calculated by the vendors based on CVSS, but in different ways. \n\n## What&#x27;s next?\n\nAs we can see, support for the Vulners.com and Vulns.io APIs in Scanvus opens up new opportunities for testing the correctness of the detection for all supported Linux distributions.\n\nCurrently, support for the Vulners.com API and support for the Vulns.io API are implemented equally, but they are implemented independently. The bash inventory scripts for each of the APIs are different. Two independent reporting functions are also used. It seems right to **unify the inventory script** so that the same inventory results can be checked with Vulners.com and Vulns.io. It also seems right to create a **single format for presenting detection results** and convert raw results from APIs into this format. This format could be used for reporting and further integrations. In this way, it will be possible to debug the scheme for adding new APIs to Scanvus.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-12-30T18:03:13", "type": "avleonov", "title": "Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs", "bulletinFamily": "blog", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2004-0230", "CVE-2005-2541", "CVE-2005-3660", "CVE-2007-2243", "CVE-2007-2768", "CVE-2007-5686", "CVE-2007-6755", "CVE-2008-2544", "CVE-2008-3234", "CVE-2008-4609", "CVE-2008-4677", "CVE-2008-4996", "CVE-2008-5135", "CVE-2008-5366", "CVE-2008-5367", "CVE-2010-0928", "CVE-2010-4563", "CVE-2010-4756", "CVE-2010-5321", "CVE-2011-3389", "CVE-2011-4116", "CVE-2011-4915", "CVE-2011-4916", "CVE-2011-4917", "CVE-2012-0039", "CVE-2012-2663", "CVE-2012-4542", "CVE-2013-0340", "CVE-2013-4235", "CVE-2013-7445", "CVE-2014-9892", "CVE-2014-9900", "CVE-2015-20107", "CVE-2015-3243", "CVE-2015-3276", "CVE-2016-10228", "CVE-2016-10723", "CVE-2016-1585", "CVE-2016-20012", "CVE-2016-2568", "CVE-2016-2781", "CVE-2016-3709", "CVE-2016-8660", "CVE-2016-9797", "CVE-2016-9798", "CVE-2016-9799", "CVE-2016-9800", "CVE-2016-9801", "CVE-2016-9802", "CVE-2016-9803", "CVE-2016-9804", "CVE-2016-9917", "CVE-2016-9918", "CVE-2017-0630", "CVE-2017-1000382", "CVE-2017-11164", "CVE-2017-13084", "CVE-2017-13693", "CVE-2017-13694", "CVE-2017-14159", "CVE-2017-15131", "CVE-2017-16231", "CVE-2017-17740", "CVE-2017-18018", "CVE-2017-7245", "CVE-2017-7246", "CVE-2018-1000500", "CVE-2018-1121", "CVE-2018-12928", "CVE-2018-15919", "CVE-2018-17977", "CVE-2018-20217", "CVE-2018-20796", "CVE-2018-25032", "CVE-2018-5709", "CVE-2018-5729", "CVE-2018-5730", "CVE-2018-6829", "CVE-2018-7738", "CVE-2019-1010022", "CVE-2019-1010023", "CVE-2019-1010024", "CVE-2019-1010025", "CVE-2019-12378", "CVE-2019-12379", "CVE-2019-12380", "CVE-2019-12381", "CVE-2019-12382", "CVE-2019-12455", "CVE-2019-12456", "CVE-2019-14870", "CVE-2019-15213", "CVE-2019-15232", "CVE-2019-1551", "CVE-2019-15794", "CVE-2019-16089", "CVE-2019-16229", "CVE-2019-16230", "CVE-2019-16231", "CVE-2019-16232", "CVE-2019-16233", "CVE-2019-16234", "CVE-2019-19070", "CVE-2019-19126", "CVE-2019-19378", "CVE-2019-19449", "CVE-2019-19814", "CVE-2019-19882", "CVE-2019-20794", "CVE-2019-20838", "CVE-2019-25013", "CVE-2019-5062", "CVE-2019-6110", "CVE-2019-6129", "CVE-2019-8457", "CVE-2019-9192", "CVE-2020-0347", "CVE-2020-10029", "CVE-2020-11725", "CVE-2020-12362", "CVE-2020-12363", "CVE-2020-12364", "CVE-2020-12389", "CVE-2020-12390", "CVE-2020-13529", "CVE-2020-13576", "CVE-2020-14145", "CVE-2020-14304", "CVE-2020-15719", "CVE-2020-15778", "CVE-2020-15802", "CVE-2020-16156", "CVE-2020-1752", "CVE-2020-24504", "CVE-2020-26140", "CVE-2020-26142", "CVE-2020-26143", "CVE-2020-26555", "CVE-2020-26557", "CVE-2020-26559", "CVE-2020-26560", "CVE-2020-26972", "CVE-2020-27618", "CVE-2020-27619", "CVE-2020-36325", "CVE-2020-36516", "CVE-2020-6096", "CVE-2021-21240", "CVE-2021-21783", "CVE-2021-22922", "CVE-2021-22923", "CVE-2021-26934", "CVE-2021-27645", "CVE-2021-28831", "CVE-2021-28861", "CVE-2021-29462", "CVE-2021-29921", "CVE-2021-30004", "CVE-2021-30475", "CVE-2021-31879", "CVE-2021-32078", "CVE-2021-33061", "CVE-2021-3326", "CVE-2021-33560", "CVE-2021-33574", "CVE-2021-3426", "CVE-2021-3468", "CVE-2021-3502", "CVE-2021-35942", "CVE-2021-3658", "CVE-2021-3669", "CVE-2021-36690", "CVE-2021-3671", "CVE-2021-3695", "CVE-2021-3696", "CVE-2021-3697", "CVE-2021-3711", "CVE-2021-3712", "CVE-2021-3714", "CVE-2021-3733", "CVE-2021-3737", "CVE-2021-3759", "CVE-2021-3773", "CVE-2021-37750", "CVE-2021-38185", "CVE-2021-3847", "CVE-2021-3864", "CVE-2021-3872", "CVE-2021-3903", "CVE-2021-3927", "CVE-2021-3928", "CVE-2021-39537", "CVE-2021-3968", "CVE-2021-39686", "CVE-2021-3973", "CVE-2021-3974", "CVE-2021-3984", "CVE-2021-3995", "CVE-2021-3996", "CVE-2021-3997", "CVE-2021-3999", "CVE-2021-4019", "CVE-2021-4023", "CVE-2021-4037", "CVE-2021-4069", "CVE-2021-4115", "CVE-2021-41229", "CVE-2021-4136", "CVE-2021-4149", "CVE-2021-4160", "CVE-2021-41617", "CVE-2021-4166", "CVE-2021-4173", "CVE-2021-4187", "CVE-2021-4189", "CVE-2021-4192", "CVE-2021-4193", "CVE-2021-4204", "CVE-2021-4209", "CVE-2021-4214", "CVE-2021-42373", "CVE-2021-42374", "CVE-2021-42375", "CVE-2021-42376", "CVE-2021-42377", "CVE-2021-42378", "CVE-2021-42379", "CVE-2021-42380", "CVE-2021-42381", "CVE-2021-42382", "CVE-2021-42383", "CVE-2021-42384", "CVE-2021-42385", "CVE-2021-42386", "CVE-2021-43396", "CVE-2021-43400", "CVE-2021-43618", "CVE-2021-44758", "CVE-2021-44879", "CVE-2021-45346", "CVE-2021-45940", "CVE-2021-45941", "CVE-2021-45951", "CVE-2021-45952", "CVE-2021-45953", "CVE-2021-45954", "CVE-2021-45955", "CVE-2021-45956", "CVE-2021-45957", "CVE-2021-45960", "CVE-2021-46143", "CVE-2021-46828", "CVE-2021-46848", "CVE-2022-0156", "CVE-2022-0171", "CVE-2022-0204", "CVE-2022-0213", "CVE-2022-0261", "CVE-2022-0318", "CVE-2022-0319", "CVE-2022-0351", "CVE-2022-0359", "CVE-2022-0361", "CVE-2022-0368", "CVE-2022-0391", "CVE-2022-0392", "CVE-2022-0393", "CVE-2022-0400", "CVE-2022-0407", "CVE-2022-0408", "CVE-2022-0413", "CVE-2022-0417", "CVE-2022-0443", "CVE-2022-0480", "CVE-2022-0500", "CVE-2022-0554", "CVE-2022-0563", "CVE-2022-0572", "CVE-2022-0629", "CVE-2022-0685", "CVE-2022-0696", "CVE-2022-0714", "CVE-2022-0729", "CVE-2022-0778", "CVE-2022-0934", "CVE-2022-0943", "CVE-2022-1154", "CVE-2022-1184", "CVE-2022-1247", "CVE-2022-1253", "CVE-2022-1271", "CVE-2022-1280", "CVE-2022-1292", "CVE-2022-1304", "CVE-2022-1420", "CVE-2022-1462", "CVE-2022-1586", "CVE-2022-1587", "CVE-2022-1616", "CVE-2022-1619", "CVE-2022-1620", "CVE-2022-1621", "CVE-2022-1629", "CVE-2022-1664", "CVE-2022-1674", "CVE-2022-1679", "CVE-2022-1720", "CVE-2022-1733", "CVE-2022-1735", "CVE-2022-1769", "CVE-2022-1771", "CVE-2022-1785", "CVE-2022-1796", "CVE-2022-1851", "CVE-2022-1882", "CVE-2022-1886", "CVE-2022-1897", "CVE-2022-1898", "CVE-2022-1927", "CVE-2022-1942", "CVE-2022-1968", "CVE-2022-2000", "CVE-2022-2042", "CVE-2022-2068", "CVE-2022-2097", "CVE-2022-2124", "CVE-2022-2125", "CVE-2022-2126", "CVE-2022-2129", "CVE-2022-21505", "CVE-2022-2153", "CVE-2022-2175", "CVE-2022-2182", "CVE-2022-2183", "CVE-2022-2206", "CVE-2022-2207", "CVE-2022-2208", "CVE-2022-2210", "CVE-2022-2231", "CVE-2022-2257", "CVE-2022-2264", "CVE-2022-22822", "CVE-2022-22823", "CVE-2022-22824", "CVE-2022-22825", "CVE-2022-22826", "CVE-2022-22827", "CVE-2022-2284", "CVE-2022-2285", "CVE-2022-2286", "CVE-2022-2287", "CVE-2022-2289", "CVE-2022-2304", "CVE-2022-23218", "CVE-2022-23219", "CVE-2022-23303", "CVE-2022-23304", "CVE-2022-2343", "CVE-2022-2344", "CVE-2022-2345", "CVE-2022-23816", "CVE-2022-23825", "CVE-2022-23852", "CVE-2022-23990", "CVE-2022-24791", "CVE-2022-2509", "CVE-2022-2522", "CVE-2022-25235", "CVE-2022-25236", "CVE-2022-25265", "CVE-2022-25313", "CVE-2022-25314", "CVE-2022-25315", "CVE-2022-2571", "CVE-2022-2581", "CVE-2022-2585", "CVE-2022-2586", "CVE-2022-2588", "CVE-2022-2598", "CVE-2022-2602", "CVE-2022-26373", "CVE-2022-2795", "CVE-2022-2816", "CVE-2022-2817", "CVE-2022-2819", "CVE-2022-28391", "CVE-2022-2845", "CVE-2022-2849", "CVE-2022-2862", "CVE-2022-2873", "CVE-2022-28733", "CVE-2022-28734", "CVE-2022-28735", "CVE-2022-28736", "CVE-2022-2874", "CVE-2022-2889", "CVE-2022-2923", "CVE-2022-2928", "CVE-2022-2929", "CVE-2022-29458", "CVE-2022-2946", "CVE-2022-29900", "CVE-2022-29901", "CVE-2022-30065", "CVE-2022-3061", "CVE-2022-3080", "CVE-2022-3176", "CVE-2022-31782", "CVE-2022-3297", "CVE-2022-33070", "CVE-2022-3344", "CVE-2022-3424", "CVE-2022-3437", "CVE-2022-34903", "CVE-2022-3491", "CVE-2022-3534", "CVE-2022-3542", "CVE-2022-35737", "CVE-2022-3586", "CVE-2022-3606", "CVE-2022-3628", "CVE-2022-36879", "CVE-2022-36946", "CVE-2022-3707", "CVE-2022-3715", "CVE-2022-37434", "CVE-2022-37454", "CVE-2022-3775", "CVE-2022-38177", "CVE-2022-38178", "CVE-2022-3857", "CVE-2022-40674", "CVE-2022-4095", "CVE-2022-4139", "CVE-2022-41916", "CVE-2022-42328", "CVE-2022-42329", "CVE-2022-42898", "CVE-2022-42919", "CVE-2022-43551", "CVE-2022-43552", "CVE-2022-43680", "CVE-2022-4378", "CVE-2022-4415", "CVE-2022-44640", "CVE-2022-4543", "CVE-2022-4662", "CVE-2022-46908"], "modified": "2022-12-30T18:03:13", "id": "AVLEONOV:317FBD7DA93C95993A9FFF38FB04A987", "href": "https://avleonov.com/2022/12/30/scanvus-now-supports-vulners-and-vulns-io-vm-linux-vulnerability-detection-apis/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}