DATABASE RESOURCES PRICING ABOUT US

{"id": "ICSA-21-336-06", "vendorId": null, "type": "ics", "bulletinFamily": "info", "title": "Hitachi Energy APM Edge", "description": "## 1\\. EXECUTIVE SUMMARY\n\n * **CVSS v3 8.2**\n * **ATTENTION: **Low attack complexity\n * **Vendor:** Hitachi Energy\n * **Equipment: **Transformer Asset Performance Management (APM) Edge\n * **Vulnerability:** Using Components with Known Vulnerabilities\n\n## 2\\. RISK EVALUATION\n\nSuccessful exploitation of this vulnerability could cause the product to become inaccessible.\n\n## 3\\. TECHNICAL DETAILS\n\n### 3.1 AFFECTED PRODUCTS\n\nHitachi Energy reports this vulnerability affects the following APM product versions:\n\n * APM Edge Version 1.0\n * APM Edge Version 2.0\n * APM Edge Version 3.0\n\n### 3.2 VULNERABILITY OVERVIEW\n\n#### 3.2.1 [USING COMPONENTS WITH KNOWN VULNERABILITIES](<https://owasp.org/www-project-top-ten/2017/A9_2017-Using_Components_with_Known_Vulnerabilities>)\n\nHitachi Energy is aware of public reports of this vulnerability in the following open-source software components: OpenSSL, LibSSL, libxml2 and GRUB2 bootloader. The vulnerability also affects some APM Edge products. An attacker who successfully exploits this vulnerability could cause the product to become inaccessible. \n \n[CVE-2021-3449](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3449>), [CVE-2020-1971](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-1971>), [CVE-2019-1563](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1563>), [CVE-2019-1549](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1549>), [CVE-2019-1547](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1547>), [CVE-2021-23840](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23840>), [CVE-2021-23841](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23841>), [CVE-2017-8872](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8872>), [CVE-2019-20388](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-20388>), [CVE-2020-24977](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-24977>), [CVE-2021-3516](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3516>), [CVE-2021-3517](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3517>), [CVE-2021-3518](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3518>), [CVE-2021-3537](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3537>), [CVE-2021-3541](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3541>), [CVE-2020-10713](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-10713>), [CVE-2020-14308](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-14308>), [CVE-2020-14309](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-14309>), [CVE-2020-14310](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-14310>), [CVE-2020-14311](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-14311>), [CVE-2020-15705](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15705>), [CVE-2020-15706](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15706>), [CVE-2020-15707](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15707>), [CVE-2020-14372](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-14372>), [CVE-2020-25632](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25632>), [CVE-2020-27749](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27749>), [CVE-2020-27779](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27779>), [CVE-2021-20225](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-20225>), and [CVE-2021-20233](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-20233>) have been assigned to the vulnerability in these components. \nA CVSS v3 base score of 8.2 has been calculated for the worst case; the CVSS vector string is ([AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H](<https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H>)).\n\n### 3.3 BACKGROUND\n\n * **CRITICAL INFRASTRUCTURE SECTORS:** Energy\n * **COUNTRIES/AREAS DEPLOYED: **Worldwide\n * **COMPANY HEADQUARTERS LOCATION:** Switzerland\n\n### 3.4 RESEARCHER\n\nHitachi Energy reported to CISA that Transformer APM Edge contains open-source components with these known vulnerabilities.\n\n## 4\\. MITIGATIONS\n\nHitachi Energy recommends users update to Transformer APM Edge v4.0. This version updates the software components to remediate this vulnerability.\n\nHitachi Energy recommends the following security practices and firewall configurations to help protect process control networks from attacks that originate from outside the network:\n\n * Physically protect process control systems from direct access by unauthorized personnel. \n * Do not directly connect to the Internet.\n * Separated from other networks by means of a firewall system that has a minimal number of ports exposed.\n * Process control systems should not be used for Internet surfing, instant messaging, or receiving e-mails.\n * Portable computers and removable storage media should be carefully scanned for viruses before they are connected to a control system.\n\nPlease see Hitachi Energy advisory [8DBD000057](<https://search.abb.com/library/Download.aspx?DocumentID=8DBD000057&LanguageCode=en&DocumentPartId=&Action=Launch>) for additional mitigation and update information.\n\nCISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. \n \nCISA also provides a section for [control systems security recommended practices](<https://us-cert.cisa.gov/ics/recommended-practices>) on the ICS webpage on [us-cert.cisa.gov](<https://us-cert.cisa.gov/ics>). Several recommended practices are available for reading and download, including [Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies](<https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf>).\n\nAdditional mitigation guidance and recommended practices are publicly available on the [ICS webpage on us-cert.cisa.gov](<https://us-cert.cisa.gov/ics>) in the Technical Information Paper, [ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies](<https://us-cert.cisa.gov/ics/tips/ICS-TIP-12-146-01B>). \n \nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.\n\nNo known public exploits specifically target this vulnerability. This vulnerability is not exploitable remotely.\n\n## \nContact Information\n\nFor any questions related to this report, please contact the CISA at: \n \nEmail: [CISAservicedesk@cisa.dhs.gov](<mailto:cisaservicedesk@cisa.dhs.gov>) \nToll Free: 1-888-282-0870\n\nFor industrial control systems cybersecurity information: https://us-cert.cisa.gov/ics \nor incident reporting: https://us-cert.cisa.gov/report\n\nCISA continuously strives to improve its products and services. You can help by choosing one of the links below to provide feedback about this product.\n\nThis product is provided subject to this Notification and this [Privacy &amp; Use](<https://www.dhs.gov/privacy-policy>) policy.\n\n**Please share your thoughts.**\n\nWe recently updated our anonymous [product survey](<https://www.surveymonkey.com/r/CISA-cyber-survey?product=https://us-cert.cisa.gov/ics/advisories/icsa-21-336-06>); we'd welcome your feedback.\n", "published": "2021-12-02T00:00:00", "modified": "2021-12-02T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 7.5}, "severity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL"}, "exploitabilityScore": 3.9, "impactScore": 5.2}, "href": "https://www.us-cert.gov/ics/advisories/icsa-21-336-06", "reporter": "Industrial Control Systems Cyber Emergency Response Team", "references": ["https://www.cisa.gov/uscert", "https://www.cisa.gov", "https://www.cisa.gov", "https://www.cisa.gov/ics", "https://twitter.com/share?url=https%3A%2F%2Fus-cert.cisa.gov%2Fics%2Fadvisories%2Ficsa-21-336-06", "https://www.facebook.com/sharer.php?u=https%3A%2F%2Fus-cert.cisa.gov%2Fics%2Fadvisories%2Ficsa-21-336-06", "http://www.addthis.com/bookmark.php?url=https%3A%2F%2Fus-cert.cisa.gov%2Fics%2Fadvisories%2Ficsa-21-336-06", "https://owasp.org/www-project-top-ten/2017/A9_2017-Using_Components_with_Known_Vulnerabilities", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3449", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-1971", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1563", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1549", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1547", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23840", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23841", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8872", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-20388", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-24977", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3516", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3517", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3518", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3537", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3541", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-10713", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-14308", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-14309", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-14310", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-14311", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15705", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15706", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15707", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-14372", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25632", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27749", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-27779", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-20225", "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-20233", "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000057&LanguageCode=en&DocumentPartId=&Action=Launch", "https://us-cert.cisa.gov/ics/recommended-practices", "https://us-cert.cisa.gov/ics", "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf", "https://us-cert.cisa.gov/ics", "https://us-cert.cisa.gov/ics/tips/ICS-TIP-12-146-01B", "https://www.dhs.gov/privacy-policy", "https://www.surveymonkey.com/r/CISA-cyber-survey?product=https://us-cert.cisa.gov/ics/advisories/icsa-21-336-06", "http://twitter.com/icscert", "https://www.dhs.gov", "https://www.dhs.gov/freedom-information-act-foia", "https://www.dhs.gov/homeland-security-no-fear-act-reporting", "https://www.dhs.gov/plain-writing-dhs", "https://www.dhs.gov/plug-information", "https://www.oig.dhs.gov/", "https://www.whitehouse.gov/", "https://www.usa.gov/", "https://www.dhs.gov/"], "cvelist": ["CVE-2017-8872", "CVE-2019-1547", "CVE-2019-1549", "CVE-2019-1563", "CVE-2019-20388", "CVE-2020-10713", "CVE-2020-14308", "CVE-2020-14309", "CVE-2020-14310", "CVE-2020-14311", "CVE-2020-14372", "CVE-2020-15705", "CVE-2020-15706", "CVE-2020-15707", "CVE-2020-1971", "CVE-2020-24977", "CVE-2020-25632", "CVE-2020-27749", "CVE-2020-27779", "CVE-2021-20225", "CVE-2021-20233", "CVE-2021-23840", "CVE-2021-23841", "CVE-2021-3449", "CVE-2021-3516", "CVE-2021-3517", "CVE-2021-3518", "CVE-2021-3537", "CVE-2021-3541"], "immutableFields": [], "lastseen": "2022-04-26T21:38:33", "viewCount": 10, "enchantments": {"dependencies": {"references": [{"type": "aix", "idList": ["OPENSSL_ADVISORY31.ASC", "OPENSSL_ADVISORY32.ASC", "OPENSSL_ADVISORY33.ASC"]}, {"type": "almalinux", "idList": ["ALSA-2020:4479", "ALSA-2020:5476", "ALSA-2021:0696", "ALSA-2021:1024", "ALSA-2021:1597", "ALSA-2021:1734", "ALSA-2021:2566", "ALSA-2021:2569", "ALSA-2021:4198", "ALSA-2021:4424"]}, {"type": "amazon", "idList": ["ALAS-2020-1344", "ALAS-2020-1438", "ALAS-2020-1456", "ALAS-2021-1482", "ALAS2-2020-1406", "ALAS2-2020-1456", "ALAS2-2020-1534", "ALAS2-2020-1573", "ALAS2-2021-1608", "ALAS2-2021-1612", "ALAS2-2021-1622", "ALAS2-2021-1662", "ALAS2-2021-1677", "ALAS2-2021-1684", "ALAS2-2021-1718"]}, {"type": "apple", "idList": ["APPLE:1451472D328FDFE3DC99DD199D7D7CB9", "APPLE:45AD95C7804251FD775E15CAF7FF51C6", "APPLE:4B24B474978FAA0D4305A8A3C49C9CB5", "APPLE:6C809F398EB5C607CA9186D5B9CAEAFC", "APPLE:8592A5882F33472850FF959BB2667129", "APPLE:B08BBADEFC88806E12CB234F1EB6C4C6", "APPLE:CABE34499864F4FA47751E5A9FCC58AC", "APPLE:D1EFA282D15E4426E62FDDF4866ECA7F"]}, {"type": "archlinux", "idList": ["ASA-202011-15", "ASA-202012-24", "ASA-202102-42", "ASA-202103-10", "ASA-202106-43"]}, {"type": "attackerkb", "idList": ["AKB:93D7F9FF-1F51-45C7-8172-B3E45415E966", "AKB:98773293-D092-495A-AD61-3E5439225950", "AKB:D179C673-BB99-4F4C-9D19-8FF081A85C1F", "AKB:EFF2BDE8-13EC-40D1-9F07-6C6AC4806059"]}, {"type": "centos", "idList": ["CESA-2020:3217", "CESA-2020:3220", "CESA-2020:3996", "CESA-2020:5566", "CESA-2021:3798"]}, {"type": "cert", "idList": ["VU:174059"]}, {"type": "checkpoint_security", "idList": ["CPS:SK168414", "CPS:SK172983"]}, {"type": "cisa", "idList": ["CISA:4CA744242533EA980240D07CC5A48867"]}, {"type": "cisco", "idList": ["CISCO-SA-GRUB2-CODE-EXEC-XLEPCAPY", "CISCO-SA-OPENSSL-2021-GHY28DJD"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:177BD11FEDF3F89426E99286BC7DC46B", "CFOUNDRY:431A5FEB07A8E937BEDFD31D7F1BE817", "CFOUNDRY:5EA35272975027EBFB62DFE2535B7B4B", "CFOUNDRY:79AEA0CB72178344BEE07C9B9FEA86F0", "CFOUNDRY:A2488D03CBE987233F934844F44A3BB5", "CFOUNDRY:BCFE0333C3F2E89FFDF11615D117C9AF"]}, {"type": "cloudlinux", "idList": ["CLSA-2020:1608724134", "CLSA-2021:1614885634", "CLSA-2021:1632261785", "CLSA-2021:1640697315", "CLSA-2022:1641903536"]}, {"type": "cve", "idList": ["CVE-2017-8872", "CVE-2019-1547", "CVE-2019-1549", "CVE-2019-1563", "CVE-2019-20388", "CVE-2020-10713", "CVE-2020-14308", "CVE-2020-14309", "CVE-2020-14310", "CVE-2020-14311", "CVE-2020-14372", "CVE-2020-15705", "CVE-2020-15706", "CVE-2020-15707", "CVE-2020-1971", "CVE-2020-24977", "CVE-2020-25632", "CVE-2020-27749", "CVE-2020-27779", "CVE-2021-20225", "CVE-2021-20233", "CVE-2021-23840", "CVE-2021-23841", "CVE-2021-3418", "CVE-2021-3449", "CVE-2021-3516", "CVE-2021-3517", "CVE-2021-3518", "CVE-2021-3537", "CVE-2021-3541"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1932-1:82F68", "DEBIAN:DLA-1932-1:8690A", "DEBIAN:DLA-2369-1:46D38", "DEBIAN:DLA-2369-1:E14AE", "DEBIAN:DLA-2492-1:77952", "DEBIAN:DLA-2493-1:D2596", "DEBIAN:DLA-2563-1:7D5FC", "DEBIAN:DLA-2563-1:B363B", "DEBIAN:DLA-2565-1:2FCB7", "DEBIAN:DLA-2565-1:CC1A3", "DEBIAN:DLA-2653-1:1DB39", "DEBIAN:DLA-2669-1:F8CC1", "DEBIAN:DLA-2751-1:5F8DA", "DEBIAN:DSA-4539-1:42F6F", "DEBIAN:DSA-4540-1:F4ED8", "DEBIAN:DSA-4735-1:A9183", "DEBIAN:DSA-4807-1:1C1CB", "DEBIAN:DSA-4807-1:B0537", "DEBIAN:DSA-4855-1:4A0C0", "DEBIAN:DSA-4855-1:B091B", "DEBIAN:DSA-4867-1:7DFCD", "DEBIAN:DSA-4867-1:C31EC", "DEBIAN:DSA-4875-1:829EF", "DEBIAN:DSA-4875-1:AE1B0"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2017-8872", "DEBIANCVE:CVE-2019-1547", "DEBIANCVE:CVE-2019-1549", "DEBIANCVE:CVE-2019-1563", "DEBIANCVE:CVE-2019-20388", "DEBIANCVE:CVE-2020-10713", "DEBIANCVE:CVE-2020-14308", "DEBIANCVE:CVE-2020-14309", "DEBIANCVE:CVE-2020-14310", "DEBIANCVE:CVE-2020-14311", "DEBIANCVE:CVE-2020-14372", "DEBIANCVE:CVE-2020-15705", "DEBIANCVE:CVE-2020-15706", "DEBIANCVE:CVE-2020-15707", "DEBIANCVE:CVE-2020-1971", "DEBIANCVE:CVE-2020-24977", "DEBIANCVE:CVE-2020-25632", "DEBIANCVE:CVE-2020-27749", "DEBIANCVE:CVE-2020-27779", "DEBIANCVE:CVE-2021-20225", "DEBIANCVE:CVE-2021-20233", "DEBIANCVE:CVE-2021-23840", "DEBIANCVE:CVE-2021-23841", "DEBIANCVE:CVE-2021-3418", "DEBIANCVE:CVE-2021-3449", "DEBIANCVE:CVE-2021-3516", "DEBIANCVE:CVE-2021-3517", "DEBIANCVE:CVE-2021-3518", "DEBIANCVE:CVE-2021-3537", "DEBIANCVE:CVE-2021-3541"]}, {"type": "f5", "idList": ["F5:K24624116", "F5:K42232641", "F5:K42910051", "F5:K44070243", "F5:K48187630", "F5:K73422160", "F5:K97324400"]}, {"type": "fedora", "idList": ["FEDORA:0311A304C5D2", "FEDORA:04BF76309A15", "FEDORA:1F4D830C7DBF", "FEDORA:1FF6B30C5606", "FEDORA:210C430584A5", "FEDORA:2C805304C743", "FEDORA:345C8607A30C", "FEDORA:384B96390985", "FEDORA:404B730C2F75", "FEDORA:482AD312AD6B", "FEDORA:49CA3304C366", "FEDORA:4F60F30A106E", "FEDORA:5361730BB4C9", "FEDORA:574BC3099D0A", "FEDORA:591B130E1979", "FEDORA:5DC52306C90A", "FEDORA:72A4E3093B5E", "FEDORA:75CA430AA7A6", "FEDORA:790F1618AE54", "FEDORA:7FD9A309E3EF", "FEDORA:862DE30A5C4D", "FEDORA:8C9CB30BDABD", "FEDORA:9BC6C307F973", "FEDORA:A3E68610D7CA", "FEDORA:B5B17313A0D2", "FEDORA:B8C523106DFF", "FEDORA:C9F463090F26", "FEDORA:CCFB3631D0F6", "FEDORA:D12B9304C743", "FEDORA:DBF7C3092516", "FEDORA:DDF27606E7CA", "FEDORA:E5CE8640A272", "FEDORA:E700F3072E21", "FEDORA:E96CA304C35D"]}, {"type": "freebsd", "idList": ["08B553ED-537A-11EB-BE6E-0022489AD614", "1D56CFC5-3970-11EB-929D-D4C9EF517024", "21D59EA3-8559-11EA-A5E2-D4C9EF517024", "2F3CD69E-7DEE-11EB-B92E-0022489AD614", "524BD03A-BB75-11EB-BF35-080027F515EA", "56BA4513-A1BE-11EB-9072-D4C9EF517024", "5A668AB3-8D86-11EB-B8D6-D4C9EF517024", "76E59F55-4F7A-4887-BCB0-11604004163A", "96A21236-707B-11EB-96D8-D4C9EF517024", "9E0C6F7A-D46D-11E9-A1C7-B499BAEBFEAF", "A6CF65AD-37D2-11EA-A1C7-B499BAEBFEAF", "C0C1834C-9761-11EB-ACFD-0022489AD614", "F5ABAFC0-FCF6-11EA-8758-E0D55E2A8BF9"]}, {"type": "gentoo", "idList": ["GLSA-201911-04", "GLSA-202010-04", "GLSA-202012-13", "GLSA-202103-03", "GLSA-202104-05", "GLSA-202107-05"]}, {"type": "github", "idList": ["GHSA-7RRM-V45F-JP64", "GHSA-83MX-573X-5RW9", "GHSA-84RM-QF37-FGC2", "GHSA-QGM6-9472-PWQ7"]}, {"type": "githubexploit", "idList": ["050B5540-E4D4-523F-A821-852F4E2CCDD8", "4E834790-A0F9-5830-88FE-F520B8FE3CBB", "5BCFB44C-A4FD-5890-AE9A-A60CC135A2F1", "9AC2B544-AF0D-5667-84C8-3889F70386B2", "C3C9928F-AC84-5B3E-980E-F594CABE8EA3", "F96E9425-1BDA-5323-839C-263FF8413976"]}, {"type": "hackerone", "idList": ["H1:1113025"]}, {"type": "hp", "idList": ["HP:C06707446", "HPSBHF03799"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20200923-01-GRUB2"]}, {"type": "ibm", "idList": ["0076A42200CA79BB4F38036CC5133B052749C172669E11C84EDFD56B71758FB7", "00DD5060E6124BE4F25A4AF7DA83D15A52360F89A1F6A84F1ED9C6E28CD62833", "023AF7CE811F35CB9EA5BD22171F66AA17D83D1B9FF44FF925D320814BAE40E2", "02B60CDC8F4BAD8C01ABE804AE47C51EC8A4809D9204EC61478B6A825FBF607B", "0319E4F01D8C2BB1E1D9CA642942762AB6D0486EE87445E505B6585BF79E6E34", "045B3221FB3BBC39DD70A158CACD0ACC0885A17A6B16F3CCA24E243D79A3DFB4", "05C711ADE626E71EEF208B57EB92611FB65BACFAC2E002E5DCF15BB16E425278", "06E45448DD54AD77E13A3A6CDF85E9A5C15F5881E8F05C1E5D3E72BA73F31BE8", "06FE50BE40FEE3497F0E530101C2633637A1990675C077F16FF2FB5E0F90CCF4", "09B2AB76F2BDB96C1D80882C003F4EB4F06924E6DBF0BF3818CF83A2F0AF4B47", "0A2CC076E697047BEB801920E37078BA16894DE0A4DAB7A64E209E04A52ED4A7", "0A425AE154320282FF38ABB3C8BA8D3AD10793B88A3CFCA031B295F986453B12", "0A5B13C8983BE4491518367535A0427B2CBE5B0B75C8384C4657D2E9D8B12509", "0D15D47821CE302EE87F64871F16E8FAED0DF6B97568D7FF28129A9D318E1F27", "0ECBCAAF17194C060682E1B26E2EF9F8F8DA5EA1DAFDB2E39C320FF040DEBF75", "0EF2B3BEA4403B998499114AE5D3693C840E985B7ECCF95FA6F6834A4F819197", "0F5FDD6A95AE2FAC3D7E3C52034692C15DF4E5754EEFEF130DDA4280D97322F2", "1022F1A8652F556CC61338952DE52ECA055F8D74B75EE7AF0120EF547C2DEB6E", "139A767E78EF5784BB06A1698C1C80B09CA0AF17317EB56599D48F57E4526AC7", "14A887E26BDEB476941873D8603CE7056CDC1B2DDE8715BEE33CDC5E12E4CB69", "156A423D91231641B7B06703B06D394BB31F565A2A6E565DA370AE1DFE2E3F38", "1695654077F888DBA5D74372BE319A101D1D52DECCCA129B96319385DBC072A0", "170E4063965BDD4021AA25E9D20451E46806FF23665DC84D00B99CA2E7852264", "17E2A2234B8EB1A1FD88875B4639DD7977B1A0F62BC6D5F9D6C40BAFB9288E47", "1891AE889CE05747740C9778CA1007930CA83E968EB362C818E912B39075A487", "1A35248CBBA17AE981ED0B52B133E7CA1678042C1A9C93C2EC8BED2EF8994420", "1A8A5E6AC75FF4A1A546DD1431D4E3A224B13E96434DBC2C5C874D7E73D90553", "1AD1D443A812E31635C257C107A94874F8B4C76399451E955FF84E25916790A9", "1B0ED4A3526A4957AFA5966EC1D954AC93826AA8F95F1EF2E8A3A6657E73F691", "1DAFFF28AC34C8DA1A937E9644BE4D8E8B813CF125F13D52F12ED92015236660", "1FEA014B0C2FDFA9CD279E4CFD9E200E38418FF00A5DAAACDABABCEF7837D1FC", "20763F2B27C66C722124CBB23FF4ECBE76431735E0AC6E1F94E8999CB3A2CB25", "2404E42A6AEF9D8505CDF5F29071088D46DB039426A35293F5767A7820D62316", "25397404A49A13F607BAB2C3AB213E098E878D383B3AD1E6FA8C841C89EA04A7", "26D8B9BA25346A1142EC41EC455309415D14076E05E1C0FE94BCF3C77CFC130B", "28A2C71EDE0E1C909579C85700FC4017F15D79281B415762C645CD0CB1D205E1", "29FEB4BC243AF3979A9988871B7F5C155C9D2A35DC7B74A7FF221E6D9E7BEA57", "2E58B569B4DB4763709C8CD7E2753A53378BB27D938664EE87B306305B546DAA", "2E99FBB731310229E5D67CCF834D84A3C63F588068BE4D2601929B95EFC9AA89", "30A5CA62F6580AAFA852738DF5325C812D685A3292E94F7A9E759C1125E79A0A", "3410A57294243E5BBAFB4C69F17AC837FB02B049396A85D095AF16279272DED9", "34BD53EB31AD88FE6BCD0318A3283205983F8374B4E36C18A2AB87E881443510", "3617E5DB629BF3E4966913C6CBFB7FB0D83FD9726DE73DD22305E09D36598E97", "3751D59918B26EEDBAC0FEE1886D1A118A9D2105E993222B09C299A55F5D8424", "386787210638336CC8A4D4477798C39C1093AF9F1749D0FFC4352CD55B67EECC", "39807D1224804C1ED4DF9E9B1CDF9DB3C95A5882806B68B2EFFC0D340A45AD41", "3A316023122DAAAAC2F4CB0B56E3C5CC516728DF68ADF89F970C29980B333EF1", "3BA65632D2C38CB6B2155205BEF7E978F1A0061EDF59190756A9E0B8A31E73D6", "3BE79102A2F18E30974A76F6EEA76AB92CA1A8F7FCB7D3215942A025A80C18BA", "3F34AB5AA343AE750DDC18968E6F874BE99938ACC1A401B2E368156C6C827FD8", "40AB54AD406F2338CEDC99E69986ECDC190917A9D711E806EACC78563FDDE00D", "40FF55B5795EDDC89506253F7614F64D589E9F985162917C433828167306DB0E", "41E5114A4BDDC5721ED193477AF4D7766B975DA049CA337ACB35DD35514BD892", "4223020B90AF919EA98021361F9A17891EA6F508044EB9D3F23F0EDA5BBDDF9F", "478179A4FF7D7F88209674CCCA14AA5E28599D1CB2F8DECF2A69F98F78B27118", "4C62280F93124FD0C7C5C20CA30CD4D137F1D0A9E1E35780DCDE98EDBCFD8B1B", "4CE1B2F6454C1BD94457E47D668B97B231076132166B23B18741F946099CC719", "4E39FDB5C241C26D4DD2BD5D0D87CEBA03C22671C2E86D53C726034AAB37EFD2", "4E6353F1062DDEE2F859DA9376A59A0A02E58324E8A0BB460968024ADB369792", "4E7FE0F1E30AF3FEDE3E69121DBC9B8ED2C0931A5F59643DDC7CCF633D093C6D", "4F8D39F3F464E5E9FD3000C317BC69CF4FEEE9F0605C69E62D810607C6BB87CD", "51B18D37F54E0E13CB87112E0323518D15B4E3A206BB32632FE2181BBF89BDC8", "54C108178FEFCC2E097FAAE5C25ED91CFC0811D8F54A2518390833D0DCC7402A", "568C1946F6948551373693B819E984491EDA4324124EB255F933921898311FAA", "57BB882F7F5524BA47B77688E8046E805474E9688D5956EA923E5C92D5670EF7", "5817362CFEBEC3D97C56F71F58F7BAD39B11D1FC1BE175D82D99141AA79FD8BD", "5834E81AF46691B1D89090AAA05DF8D5F3F6ABF00015A6CCFC60814EADDADCF6", "58D56C8D2689944BB7E42143A4197A4D5AE86937E35B03E954812116FCACD6C3", "59873E9D68D5BCE48BA1B8F038F5BCC405378071B6D1BD81B4FCD123E38F614A", "5B9FE3466C6709549936B7AF9F0C0D4DCFCB7C692D0EEFEE7E0A64D8C6798193", "5CAD5D32258B6EBB72263ED99B6DE586C3A3347FA7743140740A1F7CC94CC9A8", "5EEF86E68F23C5E3E4A700D875FD52D137A180161C92B0E0F8541AB754241C6D", "60534107EEBE1FC28BA7B5968A9A0C51CA6E5FDA395D6771A575BA502A8E6DD8", "6154DEF6F23663D7D1FF5A7AC8111991A9724E8158A01D10C2D5BAC51D31ACFA", "6549F7FB91216E6B5325DB660AF73FDF2D181F5FC1D3D96D412B600D6C349A96", "65EC64A753CE4A7F6C9FBB3047D29A2833F1E56F4AB452D779D8436BA19B01F0", "687EF3D9E4C66E2EC0DD556D7C5488A09AD8CF69EA1010A9456E63DF45C0B64F", "6A618EAE42104251ED8BFD4A24087719BC5523571FCFED871C921517BEA0FE71", "6A87B9F11547CBB5AC4F1FE177841B2F643EC4AD8D24A2DD05457A4859C2A497", "6B9D154BCE10DADDC28B259A53CDE7ADF906DBCB05E8EF0696407EACF7A37CB7", "6D3425A0F0AC497D9373EB79F701BB6FE45BF2A5671D3550DEFC979312243F52", "6DDE0AB3F5A1C0ECED0D3A1782B11127DF6AF38D29F8D9E53C49DFCD5B38E559", "6DFE02E47206439339CF69003DED7C6A339BE8A9FDA6611EA300ACF64BDB9DD1", "74E5BA0DD741B213E2EBE1411085F954FAA7766A811E6603516C4ECCEDF6D35A", "74F2A94336E51B0E3062906A1A2B7FB8CDE35DFD901789C840E3CE1DA62E9EF6", "7515461187DFB015988713DF2DBDEA4817C1389377BFCF2A0E37795D61EB76DF", "7712F0249FC574F5E6BB742100BF0E53D089C499325D28D0E2739DFD47B4CADA", "7721744B6CF259BF11FF7B6430AE43A25D620EF548BC9DF53A5A8B7DB5079B31", "7C01AFE6E64B43031575F0102FF010954F3B02AB92048869BDE2D0610503F56C", "7CC35644F6B021F831E7F0CE6202E800E4D6128DCDC6A585E8A27C3D0C5B672E", "7D158CE8DF0EAA9F8D32E562C6E3311BC04075EC6BE07466A648F40065F0CEAD", "7E466DB7C3E6D0FD95B6290D6AABCA2CA5965052B0CC5CB552473151BFA7576F", "7EDC7E4A607AC78AB259E545462224179BA0B894DBBE1C19D52406785B960D30", "82D897D235CFB70936ACD9CA3E6034885E56EBCC4A41A67CD33F1077B9C80885", "841ABF9ADD122315E9FF98182FCCE868E8819519D3577D87A3CBDF6FFE75C0B5", "8714B27B18D765F1326AFEF2579AC2E5C4090BAD7C157B8A00E38F60DBABFAD3", "87DCB77CF764C7235B6473B289E603F21A1588D5812BC1D3022468CF1C8EF03A", "89BE9EE6717FD5FE5CAC882E73D515D8E83F7EB08EF93BE1CF98227C2B6807B1", "8A9DA62ACD0528EEF6577A7929613A497D58F78FF0E64379975CCC381DD42953", "8CB93770328F2819DE92FFEB5767258BAD5A547F304198FB72E85CAB4E4E55B4", "8CD12EF78572A4084B09F1DEB451D5D52F854099E5B1A1A30714B96E6F38483F", "8CF6A6FE2F39323B5977B7A87F227610F8DCFED21A1A2E55F1C1160FF28EB52E", "8D64F104C14AF2A33552E861AE403F451EDADB214820F820DA429C523DB6D464", "8F36292DD2EC673F77E7D26F88D6129155EA165304B1A957E549DC327B6DCB50", "914B3D8A3C96750F83A07447B8B437FD19FA6D91185D7E4959ABEC5B8EC2CC0B", "93D982A39132D6971EA07E3AA657EC8948513467BCB8FA924C2C3CDB21B10B29", "94283DE0584ABF5D790E0534ED68F70746D7978ACD04057D9A9DAD20D45397A9", "94C8E395B6338085E8461409E580AA61C96EF8DD68BFF191D3C879615D5F2666", "956982A3E052293F0151836446E11BFC653A802D63CD0248D1D89A3EE15C0636", "95F72A00E1A8D6C6435D5EA582DBD8F295F4C86F1D6773A4DD617BAD40C3247F", "979C1C302656B100A9230D67DC5FDA9D31E695FEDE62BEA27566840475B31B1B", "97D5F772EC68BDCD260FBB9DFB7A322AAAC657E9360305DF11F9C6A6A40D1B85", "97DAF9DC379788A0256F1282C0BACE119D9E6A9486647915DB7396CD37EB5480", "981346B4F2948F216BED89C4CD8BE79AD6F63DE1FBA4E88FB16B5600DC4A27C5", "9A04620999F6A5C33EA2D706818867EC5FDA6193AE9CFACF3632E54A7A590B2D", "9C2F629D74A0CEB50295825F06E9E3F031D43FAA69C3940ECFB41EE6607361C2", "9CA00C2BDE957BF44B4329F0A3D80409AFD7AADC285DB1D955C3F0D67091FC5C", "9EB7DFD9B3377D5C1FC48B4A080D561B3C1D73E4386FA7B1F26B97B2151E0B72", "A21450CA46A13FB7D14123F07EF140C38F3E8D99CAA98E59F1BF8D289483212C", "A2D06FB3017FCE651EA8255C84E9C676D1204865B3375BA8E8B8F438AA9B7256", "A2E923A551C0F36BAC84848E053A3A93F2AC1141EB9D1739FE1D48A6684F5352", "A3AA1EABC04F772D5CDA8853B864F229765DC4A3D9C4B8F0FBF97542821DB5E9", "A5DABD1C1B1C58D900A9518CCA7EC1C03488CC2DF1750F65600D7F0C8E0E4763", "A5F646FF4C83A4B1D2C8B47FCAC3D208DF17454D859B9AB5DD63F0E74300162C", "A701AFC8C238BDFFC275CACF75BFA2343212CCA8077B0C43D13D17FB1392C9ED", "AE3208EEE597DADD8531B516A96ADB9FF4C1017F9E86C776CEC09336A409AEEF", "AE413A41FDE54AC4D804F45C3B1313A6FDB6DDFD8F106CA5A8F1D05E8B3FD89E", "AED0F240DF3C88F319E3FB42ACD61D16097A82B46ED80B7D90B6C196F011838C", "AF755D0AFFE03556C8B9305D8915C03A01FE89F8467352FDCE443EF53F8AF11B", "B0528F9B036E05AC9A10262631DAF76C50D058E8380B936E9BB1177907389047", "B0DF32322CE6A2B6D1EC5D029C9322141A4F0B90F6393DD9417AE692DA63CE98", "B17F6EA32217517527CEC9840D03393C5EFC22D03E15D5F135A129A339DB07A0", "B2EB1B0A78976B31AE7FEB79078A0F8E1A1DC8FD8366FABA05AEA647813A50A2", "B71E0BF361A8070A23A3F1A12855E8451A139F411163CC699F31E14C71A1F3EA", "B7BA5F69F24A628309DDEB4E2D3F14EFFC76E85846D015C3C74B090A1ADCD851", "B7D409E9A403BA9F7B31027D06EA38DD15E5D87F56D21161B5BA8A2053445315", "B80D2752DA6D220C15B399D294DC83B951CF616E39EF752AB12C0553D569D418", "B84F7F4123A804A302C153F4A21C7E875F78002FC36F075753E6FFC93C24043D", "BB600B119BB0BCBE0C1A441D96B93496AC1319A4F50379AB81C6EC6E8A6222AF", "BDF8F6272DDC9AFF34CC149E66EE100802632EF6ECBB6A1F85ED4C5AAC63B956", "BDFA432EA62E6EFDD1DA5F84B4EE926C27FCF1125443F9D0EC5005B0FEE74C89", "BDFFEC82B2EDD09B2B9BBF108A0FF2E0545F478096EDDC6BB9309619F66D585B", "C09C5C1FD3C60B48E6AFE6C609BF568B8A996E541FEDA06CAD3678833B7435CF", "C43D2CB156B7BD39FC113EAD22568306F95463D3E29CC3A697EB085F142533BB", "C50326F22AE5B1A52E9A64956D1CB8CFDEC3B08CAC81413723C4C38204E7B363", "C596338966F1610A28DC01FBB21502CC71651B70DBC8B96D9603EBE432E4D5E6", "C8E3076BF00DD8380618AD02C4DDA7DF7604CC6B6A724449CCB6A06853CAED2A", "CA1E3EFC07D22B2DA86595362931D640F30F757529856481F669DB4619DAD922", "CB765B8720A2E211CEA709C71E6C4409A9A1FE0813B5C8FA4AE6417BE059E68A", "CBCC379563323EBE1812461205257622C05A3C7EB51AEE2176BCFB46533D2159", "CC1A4751363BAF070355299EF4837A7E17D105E504AC93B43A4CACBE41426035", "CC6DB3505939453FB542901C62C95B2A03B3815D8482DF559005310A267A606D", "CC7C59C447672FD38F401C113CC2FB566A4A8ECC5BA33F3AD6C4A2198333F41B", "D1F42AA8CB20DBF23F25294AF1D5952B14F11D54D59A127F5802F150505DD446", "D4605A3E4B82D75958E3F05D638BCF54E232D127187FF62B91A6419CC8738577", "D860B85F49895E0D8CF0AC6A066F6902558B044E03F0320678E24399C41C6135", "DB8E4E659E64514548095D982131905FB3A6F5608C5916769B8820AA6A05133D", "E07C0C4D82739BCF3EC12790499FE045BA8E517D49D7B04601CDBB95AF91DA23", "E3347BCB529A35601F044748C20F62BDDA272E18F4F99AF1DC1EC2079BD36858", "E3E29938D5D0031514AFE0A7E80C2513F25C4DCE6D5E26A93BE99C9CA93B0FEA", "E4B907FE5279D8C6CE8330CC79305C67649550BA06CF29D70ABB593E6074803D", "E7B4E1607446FED2E1EA3DED4F35354BBD746B762279FBE37A746CB69873BBAB", "E8FB04B96E4922EE98A4E39A82665391B5E33FFBD84BF83FC189E8E9D5922FC8", "EBCAE79C78E25C53F68D6476B1A365416013A82CC75BAFBA0C65816EA47B537E", "EC583EC959A2A069B275113A4307EA1C258F0306C4E67508A1300BE5A8431AC2", "EE5F9D378BF1AA88F64F93D2EEE2D42D28CE88FD1BA84A9CF23EBEC09C1F600D", "EFC1B556A22098087C19B5342F262C1D63356C91A618DD58A453DF339E10D8AD", "F10F8D3E795F8FC960C9DE67D3C8A350C036905B85F3908BFE6956BF772DB36B", "F65F1D96E364841337F0770420AA39E180E57CF181628F15C7259D9D9A9E8BDD", "FA28CB50714C2E033435E17981D021316797914289ED09AB906E1A7CBA22C8A3", "FA8947935D7353A8494BB4E9213036F88B784759F33BB661330A2FD4F6E4F874", "FD2209B7CB15638992B681C2106BFB54C56CAD087AEDD9B4249C0F8E7ADCB3D2", "FDE1BF635D60EE0CA8051E326BCA1EFB7C7E659B969B5B079432E17D2860391E", "FE6D95CEEFE9596CD6D6134F8326AB13E3C97D550B3E62F57DECDBDBC51C329A", "FE89F8E2C667D09C2C5C2208AC1E6F9525947B9E4A96A92CFD5C9D80113D73FB", "FEE45A44E8C46E13896C20C8C9B2A275C16E5652E4DF723FE4A044838B932DB1"]}, {"type": "ics", "idList": ["ICSA-21-336-08", "ICSA-22-069-09", "ICSA-22-104-05", "ICSA-22-116-01", "ICSA-22-130-06"]}, {"type": "kaspersky", "idList": ["KLA11584", "KLA11641", "KLA12311"]}, {"type": "lenovo", "idList": ["LENOVO:PS500336-GRUB2-VULNERABILITY-AKA-BOOT-HOLE-NOSID", "LENOVO:PS500336-NOSID"]}, {"type": "mageia", "idList": ["MGASA-2019-0354", "MGASA-2020-0101", "MGASA-2020-0465", "MGASA-2020-0467", "MGASA-2021-0002", "MGASA-2021-0108", "MGASA-2021-0176", "MGASA-2021-0213", "MGASA-2021-0232", "MGASA-2021-0291", "MGASA-2021-0315", "MGASA-2022-0050"]}, {"type": "mscve", "idList": ["MS:ADV200011", "MS:CVE-2020-1971", "MS:CVE-2021-3449"]}, {"type": "nessus", "idList": ["AL2_ALAS-2020-1406.NASL", "AL2_ALAS-2020-1456.NASL", "AL2_ALAS-2020-1534.NASL", "AL2_ALAS-2020-1573.NASL", "AL2_ALAS-2021-1608.NASL", "AL2_ALAS-2021-1612.NASL", "AL2_ALAS-2021-1622.NASL", "AL2_ALAS-2021-1677.NASL", "AL2_ALAS-2021-1684.NASL", "AL2_ALAS-2021-1718.NASL", "ALA_ALAS-2020-1344.NASL", "ALA_ALAS-2020-1438.NASL", "ALA_ALAS-2020-1456.NASL", "ALA_ALAS-2021-1482.NASL", "ALMA_LINUX_ALSA-2020-4479.NASL", "ALMA_LINUX_ALSA-2020-5476.NASL", "ALMA_LINUX_ALSA-2021-0696.NASL", "ALMA_LINUX_ALSA-2021-1024.NASL", "ALMA_LINUX_ALSA-2021-1597.NASL", "ALMA_LINUX_ALSA-2021-1734.NASL", "ALMA_LINUX_ALSA-2021-2566.NASL", "ALMA_LINUX_ALSA-2021-2569.NASL", "ALMA_LINUX_ALSA-2021-4198.NASL", "ALMA_LINUX_ALSA-2021-4424.NASL", "APPLE_IOS_146_CHECK.NBIN", "APPLE_IOS_147_CHECK.NBIN", "AZUL_ZULU_17_30_16.NASL", "CENTOS8_RHSA-2020-1840.NASL", "CENTOS8_RHSA-2020-3216.NASL", "CENTOS8_RHSA-2020-4479.NASL", "CENTOS8_RHSA-2020-5476.NASL", "CENTOS8_RHSA-2021-0696.NASL", "CENTOS8_RHSA-2021-1024.NASL", "CENTOS8_RHSA-2021-1597.NASL", "CENTOS8_RHSA-2021-2566.NASL", "CENTOS8_RHSA-2021-2569.NASL", "CENTOS8_RHSA-2021-4198.NASL", "CENTOS8_RHSA-2021-4424.NASL", "CENTOS_RHSA-2020-3217.NASL", "CENTOS_RHSA-2020-3996.NASL", "CENTOS_RHSA-2020-5566.NASL", "CENTOS_RHSA-2021-3798.NASL", "DEBIAN_DLA-1932.NASL", "DEBIAN_DLA-2369.NASL", "DEBIAN_DLA-2492.NASL", "DEBIAN_DLA-2493.NASL", "DEBIAN_DLA-2563.NASL", "DEBIAN_DLA-2565.NASL", "DEBIAN_DLA-2653.NASL", "DEBIAN_DLA-2669.NASL", "DEBIAN_DLA-2751.NASL", "DEBIAN_DSA-4539.NASL", "DEBIAN_DSA-4540.NASL", "DEBIAN_DSA-4735.NASL", "DEBIAN_DSA-4807.NASL", "DEBIAN_DSA-4855.NASL", "DEBIAN_DSA-4867.NASL", "DEBIAN_DSA-4875.NASL", "EULEROS_SA-2019-2097.NASL", "EULEROS_SA-2019-2098.NASL", "EULEROS_SA-2019-2211.NASL", "EULEROS_SA-2019-2216.NASL", "EULEROS_SA-2019-2218.NASL", "EULEROS_SA-2019-2254.NASL", "EULEROS_SA-2019-2264.NASL", "EULEROS_SA-2019-2430.NASL", "EULEROS_SA-2019-2464.NASL", "EULEROS_SA-2019-2491.NASL", "EULEROS_SA-2019-2626.NASL", "EULEROS_SA-2020-1061.NASL", "EULEROS_SA-2020-1062.NASL", "EULEROS_SA-2020-1063.NASL", "EULEROS_SA-2020-1221.NASL", "EULEROS_SA-2020-1268.NASL", "EULEROS_SA-2020-1274.NASL", "EULEROS_SA-2020-1408.NASL", "EULEROS_SA-2020-1533.NASL", "EULEROS_SA-2020-1670.NASL", "EULEROS_SA-2020-1832.NASL", "EULEROS_SA-2020-1833.NASL", "EULEROS_SA-2020-1834.NASL", "EULEROS_SA-2020-1853.NASL", "EULEROS_SA-2020-1891.NASL", "EULEROS_SA-2020-1946.NASL", "EULEROS_SA-2020-1965.NASL", "EULEROS_SA-2020-2000.NASL", "EULEROS_SA-2020-2154.NASL", "EULEROS_SA-2020-2168.NASL", "EULEROS_SA-2020-2178.NASL", "EULEROS_SA-2020-2184.NASL", "EULEROS_SA-2020-2289.NASL", "EULEROS_SA-2020-2366.NASL", "EULEROS_SA-2020-2462.NASL", "EULEROS_SA-2021-1014.NASL", "EULEROS_SA-2021-1033.NASL", "EULEROS_SA-2021-1047.NASL", "EULEROS_SA-2021-1093.NASL", "EULEROS_SA-2021-1104.NASL", "EULEROS_SA-2021-1160.NASL", "EULEROS_SA-2021-1338.NASL", "EULEROS_SA-2021-1339.NASL", "EULEROS_SA-2021-1376.NASL", "EULEROS_SA-2021-1415.NASL", "EULEROS_SA-2021-1418.NASL", "EULEROS_SA-2021-1495.NASL", "EULEROS_SA-2021-1505.NASL", "EULEROS_SA-2021-1549.NASL", "EULEROS_SA-2021-1553.NASL", "EULEROS_SA-2021-1601.NASL", "EULEROS_SA-2021-1610.NASL", "EULEROS_SA-2021-1615.NASL", "EULEROS_SA-2021-1619.NASL", "EULEROS_SA-2021-1637.NASL", "EULEROS_SA-2021-1661.NASL", "EULEROS_SA-2021-1695.NASL", "EULEROS_SA-2021-1696.NASL", "EULEROS_SA-2021-1714.NASL", "EULEROS_SA-2021-1721.NASL", "EULEROS_SA-2021-1740.NASL", "EULEROS_SA-2021-1741.NASL", "EULEROS_SA-2021-1794.NASL", "EULEROS_SA-2021-1825.NASL", "EULEROS_SA-2021-1826.NASL", "EULEROS_SA-2021-1875.NASL", "EULEROS_SA-2021-1882.NASL", "EULEROS_SA-2021-1900.NASL", "EULEROS_SA-2021-1907.NASL", "EULEROS_SA-2021-1908.NASL", "EULEROS_SA-2021-1909.NASL", "EULEROS_SA-2021-1927.NASL", "EULEROS_SA-2021-1935.NASL", "EULEROS_SA-2021-1948.NASL", "EULEROS_SA-2021-1956.NASL", "EULEROS_SA-2021-1960.NASL", "EULEROS_SA-2021-1970.NASL", "EULEROS_SA-2021-1985.NASL", "EULEROS_SA-2021-2001.NASL", "EULEROS_SA-2021-2005.NASL", "EULEROS_SA-2021-2020.NASL", "EULEROS_SA-2021-2027.NASL", "EULEROS_SA-2021-2032.NASL", "EULEROS_SA-2021-2044.NASL", "EULEROS_SA-2021-2052.NASL", "EULEROS_SA-2021-2063.NASL", "EULEROS_SA-2021-2082.NASL", "EULEROS_SA-2021-2091.NASL", "EULEROS_SA-2021-2103.NASL", "EULEROS_SA-2021-2126.NASL", "EULEROS_SA-2021-2154.NASL", "EULEROS_SA-2021-2185.NASL", "EULEROS_SA-2021-2193.NASL", "EULEROS_SA-2021-2218.NASL", "EULEROS_SA-2021-2225.NASL", "EULEROS_SA-2021-2249.NASL", "EULEROS_SA-2021-2275.NASL", "EULEROS_SA-2021-2306.NASL", "EULEROS_SA-2021-2339.NASL", "EULEROS_SA-2021-2376.NASL", "EULEROS_SA-2021-2406.NASL", "EULEROS_SA-2021-2416.NASL", "EULEROS_SA-2021-2417.NASL", "EULEROS_SA-2021-2418.NASL", "EULEROS_SA-2021-2456.NASL", "EULEROS_SA-2021-2508.NASL", "EULEROS_SA-2021-2542.NASL", "EULEROS_SA-2021-2566.NASL", "EULEROS_SA-2021-2595.NASL", "EULEROS_SA-2021-2758.NASL", "EULEROS_SA-2021-2785.NASL", "EULEROS_SA-2021-2833.NASL", "EULEROS_SA-2021-2868.NASL", "EULEROS_SA-2021-2872.NASL", "EULEROS_SA-2021-2874.NASL", "EULEROS_SA-2021-2884.NASL", "EULEROS_SA-2022-1008.NASL", "EULEROS_SA-2022-1028.NASL", "EULEROS_SA-2022-1059.NASL", "EULEROS_SA-2022-1082.NASL", "EULEROS_SA-2022-1131.NASL", "EULEROS_SA-2022-1194.NASL", "F5_BIGIP_SOL24624116.NASL", "F5_BIGIP_SOL42910051.NASL", "FEDORA_2018-A6B59D8F78.NASL", "FEDORA_2018-DB610FFF5B.NASL", "FEDORA_2019-9AB7EE6309.NASL", "FEDORA_2019-D15AAC6C4E.NASL", "FEDORA_2019-D51641F152.NASL", "FEDORA_2020-0C71C00AF4.NASL", "FEDORA_2020-20AB468A33.NASL", "FEDORA_2020-35087800BE.NASL", "FEDORA_2020-41FE1680F6.NASL", "FEDORA_2020-7773C53BC8.NASL", "FEDORA_2020-7DD29DACAD.NASL", "FEDORA_2020-935F62C3D9.NASL", "FEDORA_2020-A31B01E945.NASL", "FEDORA_2020-B60DBDD538.NASL", "FEDORA_2020-B6AAF25741.NASL", "FEDORA_2020-EF1870065A.NASL", "FEDORA_2020-FF317550E4.NASL", "FREEBSD_PKG_08B553ED537A11EBBE6E0022489AD614.NASL", "FREEBSD_PKG_1D56CFC5397011EB929DD4C9EF517024.NASL", "FREEBSD_PKG_21D59EA3855911EAA5E2D4C9EF517024.NASL", "FREEBSD_PKG_2F3CD69E7DEE11EBB92E0022489AD614.NASL", "FREEBSD_PKG_524BD03ABB7511EBBF35080027F515EA.NASL", "FREEBSD_PKG_56BA4513A1BE11EB9072D4C9EF517024.NASL", "FREEBSD_PKG_5A668AB38D8611EBB8D6D4C9EF517024.NASL", "FREEBSD_PKG_76E59F554F7A4887BCB011604004163A.NASL", "FREEBSD_PKG_96A21236707B11EB96D8D4C9EF517024.NASL", "FREEBSD_PKG_9E0C6F7AD46D11E9A1C7B499BAEBFEAF.NASL", "FREEBSD_PKG_A6CF65AD37D211EAA1C7B499BAEBFEAF.NASL", "FREEBSD_PKG_C0C1834C976111EBACFD0022489AD614.NASL", "FREEBSD_PKG_F5ABAFC0FCF611EA8758E0D55E2A8BF9.NASL", "GENTOO_GLSA-201911-04.NASL", "GENTOO_GLSA-202010-04.NASL", "GENTOO_GLSA-202012-13.NASL", "GENTOO_GLSA-202103-03.NASL", "GENTOO_GLSA-202104-05.NASL", "GENTOO_GLSA-202107-05.NASL", "LCE_6_0_9.NASL", "MACOSX_VIRTUALBOX_6_0_14.NASL", "MACOS_HT212529.NASL", "MACOS_HT212602.NASL", "MYSQL_5_6_47.NASL", "MYSQL_5_7_27.NASL", "MYSQL_5_7_33.NASL", "MYSQL_5_7_34.NASL", "MYSQL_8_0_19.NASL", "MYSQL_8_0_23.NASL", "MYSQL_8_0_24.NASL", "MYSQL_ENTERPRISE_MONITOR_8_0_24.NASL", "NESSUS_TNS_2021_04.NASL", "NEWSTART_CGSL_NS-SA-2021-0007_FWUPDATE.NASL", "NEWSTART_CGSL_NS-SA-2021-0008_GRUB2.NASL", "NEWSTART_CGSL_NS-SA-2021-0009_SHIM.NASL", "NEWSTART_CGSL_NS-SA-2021-0016_LIBXML2.NASL", "NEWSTART_CGSL_NS-SA-2021-0020_OPENSSL.NASL", "NEWSTART_CGSL_NS-SA-2021-0061_LIBXML2.NASL", "NEWSTART_CGSL_NS-SA-2021-0086_OPENSSL.NASL", "NEWSTART_CGSL_NS-SA-2021-0097_GRUB2.NASL", "NEWSTART_CGSL_NS-SA-2021-0133_GRUB2.NASL", "NEWSTART_CGSL_NS-SA-2021-0136_FWUPDATE.NASL", "NEWSTART_CGSL_NS-SA-2021-0139_GRUB2.NASL", "NEWSTART_CGSL_NS-SA-2021-0141_SHIM.NASL", "NEWSTART_CGSL_NS-SA-2021-0148_LIBXML2.NASL", "NEWSTART_CGSL_NS-SA-2021-0158_OPENSSL.NASL", "NEWSTART_CGSL_NS-SA-2021-0182_GRUB2.NASL", "NEWSTART_CGSL_NS-SA-2022-0017_OPENSSL.NASL", "NEWSTART_CGSL_NS-SA-2022-0050_LIBXML2.NASL", "NNM_5_13_1.NASL", "NODEJS_2021_FEB.NASL", "NODEJS_2021_JAN.NASL", "OPENSSL_1_0_2T.NASL", "OPENSSL_1_0_2X.NASL", "OPENSSL_1_0_2Y.NASL", "OPENSSL_1_1_0L.NASL", "OPENSSL_1_1_1D.NASL", "OPENSSL_1_1_1I.NASL", "OPENSSL_1_1_1J.NASL", "OPENSSL_1_1_1K.NASL", "OPENSUSE-2017-942.NASL", "OPENSUSE-2019-2158.NASL", "OPENSUSE-2019-2189.NASL", "OPENSUSE-2019-2268.NASL", "OPENSUSE-2019-2269.NASL", "OPENSUSE-2020-1168.NASL", "OPENSUSE-2020-1169.NASL", "OPENSUSE-2020-1280.NASL", "OPENSUSE-2020-1282.NASL", "OPENSUSE-2020-1430.NASL", "OPENSUSE-2020-1465.NASL", "OPENSUSE-2020-2223.NASL", "OPENSUSE-2020-2236.NASL", "OPENSUSE-2020-2245.NASL", "OPENSUSE-2020-2269.NASL", "OPENSUSE-2020-681.NASL", "OPENSUSE-2021-1059.NASL", "OPENSUSE-2021-1061.NASL", "OPENSUSE-2021-1917.NASL", "OPENSUSE-2021-2327.NASL", "OPENSUSE-2021-2353.NASL", "OPENSUSE-2021-357.NASL", "OPENSUSE-2021-372.NASL", "OPENSUSE-2021-427.NASL", "OPENSUSE-2021-430.NASL", "OPENSUSE-2021-462.NASL", "OPENSUSE-2021-476.NASL", "OPENSUSE-2021-64.NASL", "OPENSUSE-2021-65.NASL", "OPENSUSE-2021-692.NASL", "OPENSUSE-2021-764.NASL", "OPENSUSE-2021-82.NASL", "OPENSUSE-2021-886.NASL", "ORACLELINUX_ELSA-2020-4479.NASL", "ORACLELINUX_ELSA-2020-5476.NASL", "ORACLELINUX_ELSA-2020-55661.NASL", "ORACLELINUX_ELSA-2020-5782.NASL", "ORACLELINUX_ELSA-2020-5786.NASL", "ORACLELINUX_ELSA-2021-0696.NASL", "ORACLELINUX_ELSA-2021-0699.NASL", "ORACLELINUX_ELSA-2021-1024.NASL", "ORACLELINUX_ELSA-2021-1597.NASL", "ORACLELINUX_ELSA-2021-2569.NASL", "ORACLELINUX_ELSA-2021-3798.NASL", "ORACLELINUX_ELSA-2021-4424.NASL", "ORACLELINUX_ELSA-2021-9076.NASL", "ORACLELINUX_ELSA-2021-9077.NASL", "ORACLELINUX_ELSA-2021-9121.NASL", "ORACLELINUX_ELSA-2021-9137.NASL", "ORACLELINUX_ELSA-2021-9150.NASL", "ORACLELINUX_ELSA-2021-9151.NASL", "ORACLELINUX_ELSA-2021-9478.NASL", "ORACLELINUX_ELSA-2021-9528.NASL", "ORACLELINUX_ELSA-2021-9561.NASL", "ORACLEVM_OVMSA-2021-0011.NASL", "ORACLE_BI_PUBLISHER_APR_2021_CPU.NASL", "ORACLE_ENTERPRISE_MANAGER_CPU_APR_2022.NASL", "ORACLE_ENTERPRISE_MANAGER_CPU_JUL_2021.NASL", "ORACLE_ENTERPRISE_MANAGER_OPS_CENTER_APR_2021_CPU.NASL", "ORACLE_ENTERPRISE_MANAGER_OPS_CENTER_JAN_2020_CPU.NASL", "ORACLE_HTTP_SERVER_CPU_APR_2022.NASL", "ORACLE_HTTP_SERVER_CPU_OCT_2021.NASL", "ORACLE_JAVA_CPU_OCT_2021.NASL", "ORACLE_JAVA_CPU_OCT_2021_UNIX.NASL", "ORACLE_MYSQL_CONNECTORS_CPU_JAN_2020.NASL", "ORACLE_MYSQL_WORKBENCH_8_0_23.NASL", "ORACLE_MYSQL_WORKBENCH_8_0_27.NASL", "ORACLE_NOSQL_CPU_APR_2021.NASL", "ORACLE_SECURE_GLOBAL_DESKTOP_JAN_2020_CPU.NASL", "PHOTONOS_PHSA-2017-0029.NASL", "PHOTONOS_PHSA-2017-0029_LIBXML2.NASL", "PHOTONOS_PHSA-2019-1_0-0252_OPENSSL.NASL", "PHOTONOS_PHSA-2019-1_0-0255_OPENSSL.NASL", "PHOTONOS_PHSA-2019-2_0-0177_OPENSSL.NASL", "PHOTONOS_PHSA-2019-3_0-0032_OPENSSL.NASL", "PHOTONOS_PHSA-2019-3_0-0033_NXTGN.NASL", "PHOTONOS_PHSA-2020-1_0-0311_GRUB2.NASL", "PHOTONOS_PHSA-2020-1_0-0345_OPENSSL.NASL", "PHOTONOS_PHSA-2020-2_0-0225_LIBXML2.NASL", "PHOTONOS_PHSA-2020-2_0-0267_GRUB2.NASL", "PHOTONOS_PHSA-2020-2_0-0285_LIBXML2.NASL", "PHOTONOS_PHSA-2020-2_0-0304_OPENSSL.NASL", "PHOTONOS_PHSA-2020-3_0-0142_LIBXML2.NASL", "PHOTONOS_PHSA-2020-3_0-0175_NXTGN.NASL", "PHOTONOS_PHSA-2020-3_0-0175_OPENSSL.NASL", "PHOTONOS_PHSA-2021-1_0-0366_OPENSSL.NASL", "PHOTONOS_PHSA-2021-1_0-0376_GRUB2.NASL", "PHOTONOS_PHSA-2021-2_0-0331_NXTGN.NASL", "PHOTONOS_PHSA-2021-2_0-0334_GRUB2.NASL", "PHOTONOS_PHSA-2021-2_0-0351_LIBXML2.NASL", "PHOTONOS_PHSA-2021-3_0-0202_GRUB2.NASL", "PHOTONOS_PHSA-2021-3_0-0210_NXTGN.NASL", "PHOTONOS_PHSA-2021-3_0-0246_LIBXML2.NASL", "PHOTONOS_PHSA-2021-4_0-0001_GRUB2.NASL", "PHOTONOS_PHSA-2021-4_0-0007_MYSQL.NASL", "PHOTONOS_PHSA-2021-4_0-0007_OPENSSL.NASL", "PHOTONOS_PHSA-2021-4_0-0035_LIBXML2.NASL", "REDHAT-RHSA-2020-1337.NASL", "REDHAT-RHSA-2020-1840.NASL", "REDHAT-RHSA-2020-2644.NASL", "REDHAT-RHSA-2020-3216.NASL", "REDHAT-RHSA-2020-3217.NASL", "REDHAT-RHSA-2020-3223.NASL", "REDHAT-RHSA-2020-3227.NASL", "REDHAT-RHSA-2020-3271.NASL", "REDHAT-RHSA-2020-3273.NASL", "REDHAT-RHSA-2020-3274.NASL", "REDHAT-RHSA-2020-3275.NASL", "REDHAT-RHSA-2020-3276.NASL", "REDHAT-RHSA-2020-3996.NASL", "REDHAT-RHSA-2020-4115.NASL", "REDHAT-RHSA-2020-4172.NASL", "REDHAT-RHSA-2020-4479.NASL", "REDHAT-RHSA-2020-5422.NASL", "REDHAT-RHSA-2020-5476.NASL", "REDHAT-RHSA-2020-5566.NASL", "REDHAT-RHSA-2020-5588.NASL", "REDHAT-RHSA-2020-5623.NASL", "REDHAT-RHSA-2020-5637.NASL", "REDHAT-RHSA-2020-5639.NASL", "REDHAT-RHSA-2020-5640.NASL", "REDHAT-RHSA-2020-5641.NASL", "REDHAT-RHSA-2020-5642.NASL", "REDHAT-RHSA-2021-0056.NASL", "REDHAT-RHSA-2021-0486.NASL", "REDHAT-RHSA-2021-0489.NASL", "REDHAT-RHSA-2021-0494.NASL", "REDHAT-RHSA-2021-0696.NASL", "REDHAT-RHSA-2021-0697.NASL", "REDHAT-RHSA-2021-0698.NASL", "REDHAT-RHSA-2021-0699.NASL", "REDHAT-RHSA-2021-0700.NASL", "REDHAT-RHSA-2021-0701.NASL", "REDHAT-RHSA-2021-0702.NASL", "REDHAT-RHSA-2021-0703.NASL", "REDHAT-RHSA-2021-0704.NASL", "REDHAT-RHSA-2021-1024.NASL", "REDHAT-RHSA-2021-1063.NASL", "REDHAT-RHSA-2021-1131.NASL", "REDHAT-RHSA-2021-1189.NASL", "REDHAT-RHSA-2021-1195.NASL", "REDHAT-RHSA-2021-1199.NASL", "REDHAT-RHSA-2021-1202.NASL", "REDHAT-RHSA-2021-1597.NASL", "REDHAT-RHSA-2021-1734.NASL", "REDHAT-RHSA-2021-2566.NASL", "REDHAT-RHSA-2021-2569.NASL", "REDHAT-RHSA-2021-2790.NASL", "REDHAT-RHSA-2021-3675.NASL", "REDHAT-RHSA-2021-4198.NASL", "REDHAT-RHSA-2021-4424.NASL", "REDHAT-RHSA-2021-4614.NASL", "REDHAT-RHSA-2022-1389.NASL", "ROCKY_LINUX_RLSA-2021-2569.NASL", "SECURITYCENTER_5_17_0_TNS_2020_11.NASL", "SECURITYCENTER_5_17_0_TNS_2021_06.NASL", "SECURITYCENTER_5_19_0_TNS_2021_08.NASL", "SECURITYCENTER_OPENSSL_1_1_1J_TNS_2021_03.NASL", "SECURITYCENTER_OPENSSL_1_1_1K_TNS_2021_03.NASL", "SLACKWARE_SSA_2019-254-03.NASL", "SLACKWARE_SSA_2021-135-01.NASL", "SL_20201001_LIBXML2_ON_SL7_X.NASL", "SL_20201217_OPENSSL_ON_SL7_X.NASL", "SL_20210303_GRUB2_ON_SL7_X.NASL", "SMB_NT_MS21_NOV_VISUAL_STUDIO.NASL", "SMB_NT_MS21_OCT_VISUAL_STUDIO.NASL", "SOLARIS_JUL2021_SRU11_3_36_26_0.NASL", "SUSE_SU-2017-2115-1.NASL", "SUSE_SU-2017-2141-1.NASL", "SUSE_SU-2019-14171-1.NASL", "SUSE_SU-2019-14174-1.NASL", "SUSE_SU-2019-14249-1.NASL", "SUSE_SU-2019-2397-1.NASL", "SUSE_SU-2019-2403-1.NASL", "SUSE_SU-2019-2410-1.NASL", "SUSE_SU-2019-2413-1.NASL", "SUSE_SU-2019-2504-1.NASL", "SUSE_SU-2019-2558-1.NASL", "SUSE_SU-2019-2561-1.NASL", "SUSE_SU-2020-0099-1.NASL", "SUSE_SU-2020-1299-1.NASL", "SUSE_SU-2020-14440-1.NASL", "SUSE_SU-2020-14461-1.NASL", "SUSE_SU-2020-14490-1.NASL", "SUSE_SU-2020-14560-1.NASL", "SUSE_SU-2020-2073-1.NASL", "SUSE_SU-2020-2074-1.NASL", "SUSE_SU-2020-2076-1.NASL", "SUSE_SU-2020-2077-1.NASL", "SUSE_SU-2020-2078-1.NASL", "SUSE_SU-2020-2079-1.NASL", "SUSE_SU-2020-2303-1.NASL", "SUSE_SU-2020-2304-1.NASL", "SUSE_SU-2020-2305-1.NASL", "SUSE_SU-2020-2306-1.NASL", "SUSE_SU-2020-2307-1.NASL", "SUSE_SU-2020-2308-1.NASL", "SUSE_SU-2020-2609-1.NASL", "SUSE_SU-2020-2612-1.NASL", "SUSE_SU-2020-2627-1.NASL", "SUSE_SU-2020-2628-1.NASL", "SUSE_SU-2020-2629-1.NASL", "SUSE_SU-2020-2634-1.NASL", "SUSE_SU-2020-3720-1.NASL", "SUSE_SU-2020-3721-1.NASL", "SUSE_SU-2020-3722-1.NASL", "SUSE_SU-2020-3732-1.NASL", "SUSE_SU-2020-3740-1.NASL", "SUSE_SU-2020-3762-1.NASL", "SUSE_SU-2020-3763-1.NASL", "SUSE_SU-2021-0060-1.NASL", "SUSE_SU-2021-0062-1.NASL", "SUSE_SU-2021-0068-1.NASL", "SUSE_SU-2021-0082-1.NASL", "SUSE_SU-2021-0649-1.NASL", "SUSE_SU-2021-0651-1.NASL", "SUSE_SU-2021-0673-1.NASL", "SUSE_SU-2021-0674-1.NASL", "SUSE_SU-2021-0679-1.NASL", "SUSE_SU-2021-0681-1.NASL", "SUSE_SU-2021-0682-1.NASL", "SUSE_SU-2021-0683-1.NASL", "SUSE_SU-2021-0684-1.NASL", "SUSE_SU-2021-0685-1.NASL", "SUSE_SU-2021-0725-1.NASL", "SUSE_SU-2021-0752-1.NASL", "SUSE_SU-2021-0753-1.NASL", "SUSE_SU-2021-0754-1.NASL", "SUSE_SU-2021-0755-1.NASL", "SUSE_SU-2021-0769-1.NASL", "SUSE_SU-2021-0793-1.NASL", "SUSE_SU-2021-0939-1.NASL", "SUSE_SU-2021-0954-1.NASL", "SUSE_SU-2021-0955-1.NASL", "SUSE_SU-2021-0955-2.NASL", "SUSE_SU-2021-14659-1.NASL", "SUSE_SU-2021-14667-1.NASL", "SUSE_SU-2021-14670-1.NASL", "SUSE_SU-2021-14729-1.NASL", "SUSE_SU-2021-1523-1.NASL", "SUSE_SU-2021-1524-1.NASL", "SUSE_SU-2021-1654-1.NASL", "SUSE_SU-2021-1658-1.NASL", "SUSE_SU-2021-1917-1.NASL", "SUSE_SU-2021-2016-1.NASL", "SUSE_SU-2021-2323-1.NASL", "SUSE_SU-2021-2326-1.NASL", "SUSE_SU-2021-2327-1.NASL", "SUSE_SU-2021-2353-1.NASL", "TENABLE_NESSUS_AGENT_TNS_2021_04.NASL", "TENABLE_OT_SIEMENS_CVE-2021-3449.NASL", "UBUNTU_USN-4376-1.NASL", "UBUNTU_USN-4432-1.NASL", "UBUNTU_USN-4432-2.NASL", "UBUNTU_USN-4504-1.NASL", "UBUNTU_USN-4662-1.NASL", "UBUNTU_USN-4738-1.NASL", "UBUNTU_USN-4891-1.NASL", "UBUNTU_USN-4991-1.NASL", "UBUNTU_USN-4992-1.NASL", "UBUNTU_USN-5038-1.NASL", "UBUNTU_USN-5088-1.NASL", "VIRTUALBOX_6_0_14.NASL", "WINDOWS_UEFI_BOOTHOLE.NBIN"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2019-1547", "OPENSSL:CVE-2019-1549", "OPENSSL:CVE-2019-1563", "OPENSSL:CVE-2020-1971", "OPENSSL:CVE-2021-23840", "OPENSSL:CVE-2021-23841", "OPENSSL:CVE-2021-3449"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310142887", "OPENVAS:1361412562310142888", "OPENVAS:1361412562310142889", "OPENVAS:1361412562310142890", "OPENVAS:1361412562310143027", "OPENVAS:1361412562310143028", "OPENVAS:1361412562310143728", "OPENVAS:1361412562310143729", "OPENVAS:1361412562310143734", "OPENVAS:1361412562310143735", "OPENVAS:1361412562310704539", "OPENVAS:1361412562310704540", "OPENVAS:1361412562310813437", "OPENVAS:1361412562310815646", "OPENVAS:1361412562310815647", "OPENVAS:1361412562310815648", "OPENVAS:1361412562310844450", "OPENVAS:1361412562310852713", "OPENVAS:1361412562310852728", "OPENVAS:1361412562310852886", "OPENVAS:1361412562310852927", "OPENVAS:1361412562310853172", "OPENVAS:1361412562310874073", "OPENVAS:1361412562310874119", "OPENVAS:1361412562310876847", "OPENVAS:1361412562310876866", "OPENVAS:1361412562310877171", "OPENVAS:1361412562310877472", "OPENVAS:1361412562310877744", "OPENVAS:1361412562310877770", "OPENVAS:1361412562310891932", "OPENVAS:1361412562311220192097", "OPENVAS:1361412562311220192098", "OPENVAS:1361412562311220192211", "OPENVAS:1361412562311220192216", "OPENVAS:1361412562311220192218", "OPENVAS:1361412562311220192254", "OPENVAS:1361412562311220192264", "OPENVAS:1361412562311220192430", "OPENVAS:1361412562311220192464", "OPENVAS:1361412562311220192491", "OPENVAS:1361412562311220192626", "OPENVAS:1361412562311220201061", "OPENVAS:1361412562311220201062", "OPENVAS:1361412562311220201063", "OPENVAS:1361412562311220201221", "OPENVAS:1361412562311220201268", "OPENVAS:1361412562311220201274", "OPENVAS:1361412562311220201408", "OPENVAS:1361412562311220201670"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2020", "ORACLE:CPUAPR2021", "ORACLE:CPUAPR2022", "ORACLE:CPUJAN2020", "ORACLE:CPUJAN2021", "ORACLE:CPUJAN2022", "ORACLE:CPUJUL2020", "ORACLE:CPUJUL2021", "ORACLE:CPUJUL2022", "ORACLE:CPUOCT2019", "ORACLE:CPUOCT2019-5072832", "ORACLE:CPUOCT2020", "ORACLE:CPUOCT2021"]}, {"type": "oraclelinux", "idList": ["ELSA-2020-1840", "ELSA-2020-3218", "ELSA-2020-3220", "ELSA-2020-3996", "ELSA-2020-4431", "ELSA-2020-4436", "ELSA-2020-4479", "ELSA-2020-5476", "ELSA-2020-5566-1", "ELSA-2020-5782", "ELSA-2020-5786", "ELSA-2020-5790", "ELSA-2021-0696", "ELSA-2021-0699", "ELSA-2021-1024", "ELSA-2021-1597", "ELSA-2021-2569", "ELSA-2021-3798", "ELSA-2021-4424", "ELSA-2021-9076", "ELSA-2021-9077", "ELSA-2021-9121", "ELSA-2021-9137", "ELSA-2021-9150", "ELSA-2021-9151", "ELSA-2021-9478", "ELSA-2021-9528", "ELSA-2021-9561"]}, {"type": "osv", "idList": ["OSV:DLA-1932-1", "OSV:DLA-2369-1", "OSV:DLA-2492-1", "OSV:DLA-2493-1", "OSV:DLA-2563-1", "OSV:DLA-2565-1", "OSV:DLA-2653-1", "OSV:DLA-2669-1", "OSV:DLA-2751-1", "OSV:DSA-4539-1", "OSV:DSA-4540-1", "OSV:DSA-4735-1", "OSV:DSA-4735-2", "OSV:DSA-4807-1", "OSV:DSA-4855-1", "OSV:DSA-4867-1", "OSV:DSA-4875-1", "OSV:GHSA-7RRM-V45F-JP64", "OSV:GHSA-83MX-573X-5RW9", "OSV:GHSA-84RM-QF37-FGC2", "OSV:GHSA-QGM6-9472-PWQ7", "OSV:RUSTSEC-2021-0055", "OSV:RUSTSEC-2021-0057", "OSV:RUSTSEC-2021-0058"]}, {"type": "photon", "idList": ["PHSA-2017-0029", "PHSA-2019-0032", "PHSA-2019-0033", "PHSA-2019-0177", "PHSA-2019-0252", "PHSA-2019-1.0-0252", "PHSA-2019-2.0-0177", "PHSA-2019-3.0-0032", "PHSA-2019-3.0-0033", "PHSA-2020-0067", "PHSA-2020-0120", "PHSA-2020-0142", "PHSA-2020-0175", "PHSA-2020-0225", "PHSA-2020-0267", "PHSA-2020-0272", "PHSA-2020-0311", "PHSA-2020-0325", "PHSA-2020-0345", "PHSA-2020-1.0-0272", "PHSA-2020-1.0-0311", "PHSA-2020-1.0-0325", "PHSA-2020-1.0-0345", "PHSA-2020-2.0-0225", "PHSA-2020-2.0-0267", "PHSA-2020-2.0-0285", "PHSA-2020-2.0-0304", "PHSA-2020-3.0-0067", "PHSA-2020-3.0-0120", "PHSA-2020-3.0-0142", "PHSA-2020-3.0-0175", "PHSA-2021-0001", "PHSA-2021-0007", "PHSA-2021-0035", "PHSA-2021-0197", "PHSA-2021-0200", "PHSA-2021-0202", "PHSA-2021-0210", "PHSA-2021-0246", "PHSA-2021-0331", "PHSA-2021-0366", "PHSA-2021-0376", "PHSA-2021-0399", "PHSA-2021-1.0-0366", "PHSA-2021-1.0-0376", "PHSA-2021-2.0-0325", "PHSA-2021-2.0-0331", "PHSA-2021-2.0-0334", "PHSA-2021-2.0-0351", "PHSA-2021-3.0-0200", "PHSA-2021-3.0-0202", "PHSA-2021-3.0-0210", "PHSA-2021-3.0-0246", "PHSA-2021-4.0-0001", "PHSA-2021-4.0-0007", "PHSA-2021-4.0-0035"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:4DA175A5FB10CC3E64B58AB0536688A4"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:73EAE8A2825E9B6764F314122B4E5F25"]}, {"type": "redhat", "idList": ["RHSA-2020:1336", "RHSA-2020:1337", "RHSA-2020:1840", "RHSA-2020:2644", "RHSA-2020:2646", "RHSA-2020:3194", "RHSA-2020:3216", "RHSA-2020:3217", "RHSA-2020:3218", "RHSA-2020:3219", "RHSA-2020:3220", "RHSA-2020:3221", "RHSA-2020:3222", "RHSA-2020:3223", "RHSA-2020:3224", "RHSA-2020:3226", "RHSA-2020:3227", "RHSA-2020:3228", "RHSA-2020:3230", "RHSA-2020:3232", "RHSA-2020:3271", "RHSA-2020:3273", "RHSA-2020:3274", "RHSA-2020:3275", "RHSA-2020:3276", "RHSA-2020:3996", "RHSA-2020:4115", "RHSA-2020:4172", "RHSA-2020:4254", "RHSA-2020:4255", "RHSA-2020:4264", "RHSA-2020:4298", "RHSA-2020:4479", "RHSA-2020:5149", "RHSA-2020:5364", "RHSA-2020:5422", "RHSA-2020:5476", "RHSA-2020:5566", "RHSA-2020:5588", "RHSA-2020:5605", "RHSA-2020:5614", "RHSA-2020:5623", "RHSA-2020:5633", "RHSA-2020:5635", "RHSA-2020:5637", "RHSA-2020:5639", "RHSA-2020:5640", "RHSA-2020:5641", "RHSA-2020:5642", "RHSA-2021:0037", "RHSA-2021:0039", "RHSA-2021:0050", "RHSA-2021:0056", "RHSA-2021:0083", "RHSA-2021:0146", "RHSA-2021:0187", "RHSA-2021:0190", "RHSA-2021:0436", "RHSA-2021:0486", "RHSA-2021:0488", "RHSA-2021:0489", "RHSA-2021:0491", "RHSA-2021:0494", "RHSA-2021:0495", "RHSA-2021:0607", "RHSA-2021:0696", "RHSA-2021:0697", "RHSA-2021:0698", "RHSA-2021:0699", "RHSA-2021:0700", "RHSA-2021:0701", "RHSA-2021:0702", "RHSA-2021:0703", "RHSA-2021:0704", "RHSA-2021:0778", "RHSA-2021:0799", "RHSA-2021:0949", "RHSA-2021:0980", "RHSA-2021:1024", "RHSA-2021:1063", "RHSA-2021:1129", "RHSA-2021:1131", "RHSA-2021:1168", "RHSA-2021:1189", "RHSA-2021:1195", "RHSA-2021:1196", "RHSA-2021:1199", "RHSA-2021:1200", "RHSA-2021:1202", "RHSA-2021:1203", "RHSA-2021:1230", "RHSA-2021:1338", "RHSA-2021:1369", "RHSA-2021:1448", "RHSA-2021:1597", "RHSA-2021:1734", "RHSA-2021:2021", "RHSA-2021:2041", "RHSA-2021:2121", "RHSA-2021:2130", "RHSA-2021:2136", "RHSA-2021:2438", "RHSA-2021:2461", "RHSA-2021:2479", "RHSA-2021:2532", "RHSA-2021:2543", "RHSA-2021:2566", "RHSA-2021:2569", "RHSA-2021:2705", "RHSA-2021:2790", "RHSA-2021:2920", "RHSA-2021:3016", "RHSA-2021:3024", "RHSA-2021:3119", "RHSA-2021:3229", "RHSA-2021:3259", "RHSA-2021:3361", "RHSA-2021:3556", "RHSA-2021:3675", "RHSA-2021:3798", "RHSA-2021:3873", "RHSA-2021:3925", "RHSA-2021:3949", "RHSA-2021:4032", "RHSA-2021:4198", "RHSA-2021:4424", "RHSA-2021:4613", "RHSA-2021:4614", "RHSA-2021:4627", "RHSA-2021:4845", "RHSA-2021:4848", "RHSA-2021:4861", "RHSA-2021:4863", "RHSA-2021:4902", "RHSA-2021:4914", "RHSA-2021:5038", "RHSA-2021:5128", "RHSA-2021:5137", "RHSA-2022:0056", "RHSA-2022:1389", "RHSA-2022:1390", "RHSA-2022:5924"]}, {"type": "redhatcve", "idList": ["RH:CVE-2017-8872", "RH:CVE-2019-1547", "RH:CVE-2019-1549", "RH:CVE-2019-1563", "RH:CVE-2019-20388", "RH:CVE-2020-10713", "RH:CVE-2020-14308", "RH:CVE-2020-14309", "RH:CVE-2020-14310", "RH:CVE-2020-14311", "RH:CVE-2020-14372", "RH:CVE-2020-15705", "RH:CVE-2020-15706", "RH:CVE-2020-15707", "RH:CVE-2020-1971", "RH:CVE-2020-24977", "RH:CVE-2020-25632", "RH:CVE-2020-27749", "RH:CVE-2020-27779", "RH:CVE-2020-36242", "RH:CVE-2021-20225", "RH:CVE-2021-20233", "RH:CVE-2021-23840", "RH:CVE-2021-23841", "RH:CVE-2021-3418", "RH:CVE-2021-3449", "RH:CVE-2021-3516", "RH:CVE-2021-3517", "RH:CVE-2021-3518", "RH:CVE-2021-3537", "RH:CVE-2021-3541"]}, {"type": "rocky", "idList": ["RLSA-2021:2569"]}, {"type": "rustsec", "idList": ["RUSTSEC-2021-0055", "RUSTSEC-2021-0057", "RUSTSEC-2021-0058"]}, {"type": "seebug", "idList": ["SSV:99170"]}, {"type": "slackware", "idList": ["SSA-2019-254-03", "SSA-2021-135-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:2158-1", "OPENSUSE-SU-2019:2189-1", "OPENSUSE-SU-2019:2268-1", "OPENSUSE-SU-2019:2269-1", "OPENSUSE-SU-2020:0681-1", "OPENSUSE-SU-2020:1168-1", "OPENSUSE-SU-2020:1169-1", "OPENSUSE-SU-2020:1280-1", "OPENSUSE-SU-2020:1282-1", "OPENSUSE-SU-2020:1430-1", "OPENSUSE-SU-2020:1465-1", "OPENSUSE-SU-2020:2223-1", "OPENSUSE-SU-2020:2236-1", "OPENSUSE-SU-2020:2245-1", "OPENSUSE-SU-2020:2269-1", "OPENSUSE-SU-2021:0064-1", "OPENSUSE-SU-2021:0065-1", "OPENSUSE-SU-2021:0082-1", "OPENSUSE-SU-2021:0357-1", "OPENSUSE-SU-2021:0372-1", "OPENSUSE-SU-2021:0427-1", "OPENSUSE-SU-2021:0430-1", "OPENSUSE-SU-2021:0462-1", "OPENSUSE-SU-2021:0476-1", "OPENSUSE-SU-2021:0692-1", "OPENSUSE-SU-2021:0764-1", "OPENSUSE-SU-2021:0886-1", "OPENSUSE-SU-2021:1059-1", "OPENSUSE-SU-2021:1061-1", "OPENSUSE-SU-2021:1917-1", "OPENSUSE-SU-2021:2327-1", "OPENSUSE-SU-2021:2353-1", "SUSE-SU-2017:2470-1", "SUSE-SU-2017:2701-1"]}, {"type": "symantec", "idList": ["SMNTC-110043", "SMNTC-110044", "SMNTC-110047", "SMNTC-17570", "SMNTC-1768", "SMNTC-17849"]}, {"type": "thn", "idList": ["THN:885767C284ED14ED2B32F6713F9AA21F", "THN:D65992731CD4A3B443CD2E03761CE18B"]}, {"type": "threatpost", "idList": ["THREATPOST:3D7559852080DD2D74780AC6D5F191C7", "THREATPOST:C408DF21547B7B4327FBAB82B97A4C96", "THREATPOST:D2BB5A9DDB021A7E256A4E0D8A6BDA55"]}, {"type": "ubuntu", "idList": ["USN-4376-1", "USN-4376-2", "USN-4432-1", "USN-4432-2", "USN-4504-1", "USN-4662-1", "USN-4738-1", "USN-4745-1", "USN-4891-1", "USN-4991-1", "USN-4992-1", "USN-5038-1", "USN-5088-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2017-8872", "UB:CVE-2019-1547", "UB:CVE-2019-1549", "UB:CVE-2019-1563", "UB:CVE-2019-20388", "UB:CVE-2020-10713", "UB:CVE-2020-14308", "UB:CVE-2020-14309", "UB:CVE-2020-14310", "UB:CVE-2020-14311", "UB:CVE-2020-14372", "UB:CVE-2020-15705", "UB:CVE-2020-15706", "UB:CVE-2020-15707", "UB:CVE-2020-1971", "UB:CVE-2020-24977", "UB:CVE-2020-25632", "UB:CVE-2020-27749", "UB:CVE-2020-27779", "UB:CVE-2021-20225", "UB:CVE-2021-20233", "UB:CVE-2021-23840", "UB:CVE-2021-23841", "UB:CVE-2021-3418", "UB:CVE-2021-3449", "UB:CVE-2021-3516", "UB:CVE-2021-3517", "UB:CVE-2021-3518", "UB:CVE-2021-3537", "UB:CVE-2021-3541"]}, {"type": "veracode", "idList": ["VERACODE:21486", "VERACODE:21488", "VERACODE:22336", "VERACODE:25979", "VERACODE:25980", "VERACODE:25981", "VERACODE:25982", "VERACODE:25983", "VERACODE:25984", "VERACODE:25985", "VERACODE:25986", "VERACODE:26648", "VERACODE:26787", "VERACODE:28331", "VERACODE:28524", "VERACODE:29418", "VERACODE:29419", "VERACODE:29544", "VERACODE:29545", "VERACODE:29548", "VERACODE:29550", "VERACODE:29553", "VERACODE:29555", "VERACODE:29835", "VERACODE:30390", "VERACODE:30391", "VERACODE:30392", "VERACODE:30393", "VERACODE:30606"]}]}, "score": {"value": -0.3, "vector": "NONE"}, "backreferences": {"references": [{"type": "aix", "idList": ["OPENSSL_ADVISORY31.ASC", "OPENSSL_ADVISORY33.ASC"]}, {"type": "almalinux", "idList": ["ALSA-2020:4479", "ALSA-2020:5476", "ALSA-2021:0696", "ALSA-2021:1024", "ALSA-2021:1597", "ALSA-2021:1734"]}, {"type": "amazon", "idList": ["ALAS-2020-1344", "ALAS2-2020-1406", "ALAS2-2020-1456", "ALAS2-2020-1534", "ALAS2-2021-1622", "ALAS2-2021-1662", "ALAS2-2021-1684"]}, {"type": "apple", "idList": ["APPLE:1451472D328FDFE3DC99DD199D7D7CB9", "APPLE:45AD95C7804251FD775E15CAF7FF51C6", "APPLE:4B24B474978FAA0D4305A8A3C49C9CB5", "APPLE:6C809F398EB5C607CA9186D5B9CAEAFC", "APPLE:8592A5882F33472850FF959BB2667129", "APPLE:B08BBADEFC88806E12CB234F1EB6C4C6", "APPLE:CABE34499864F4FA47751E5A9FCC58AC", "APPLE:D1EFA282D15E4426E62FDDF4866ECA7F"]}, {"type": "archlinux", "idList": ["ASA-202011-15", "ASA-202103-10", "ASA-202106-43"]}, {"type": "attackerkb", "idList": ["AKB:93D7F9FF-1F51-45C7-8172-B3E45415E966", "AKB:D179C673-BB99-4F4C-9D19-8FF081A85C1F", "AKB:EFF2BDE8-13EC-40D1-9F07-6C6AC4806059"]}, {"type": "centos", "idList": ["CESA-2020:3217", "CESA-2020:3220"]}, {"type": "cert", "idList": ["VU:174059"]}, {"type": "checkpoint_security", "idList": ["CPS:SK168414", "CPS:SK172983"]}, {"type": "cisa", "idList": ["CISA:4CA744242533EA980240D07CC5A48867"]}, {"type": "cisco", "idList": ["CISCO-SA-GRUB2-CODE-EXEC-XLEPCAPY", "CISCO-SA-OPENSSL-2021-GHY28DJD"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:431A5FEB07A8E937BEDFD31D7F1BE817", "CFOUNDRY:79AEA0CB72178344BEE07C9B9FEA86F0"]}, {"type": "cloudlinux", "idList": ["CLSA-2020:1608724134", "CLSA-2021:1614885634", "CLSA-2021:1632261785", "CLSA-2021:1640697315"]}, {"type": "cve", "idList": ["CVE-2017-8872", "CVE-2019-1547", "CVE-2019-1549", "CVE-2019-1563", "CVE-2020-10713", "CVE-2020-14308", "CVE-2020-14309", "CVE-2020-14310", "CVE-2020-14311", "CVE-2020-15705", "CVE-2020-15706", "CVE-2020-15707", "CVE-2021-3449", "CVE-2021-3516", "CVE-2021-3517", "CVE-2021-3518", "CVE-2021-3537"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1932-1:82F68", "DEBIAN:DLA-2669-1:F8CC1", "DEBIAN:DSA-4539-1:42F6F", "DEBIAN:DSA-4540-1:F4ED8", "DEBIAN:DSA-4735-1:A9183", "DEBIAN:DSA-4875-1:AE1B0"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2017-8872", "DEBIANCVE:CVE-2019-20388", "DEBIANCVE:CVE-2020-10713", "DEBIANCVE:CVE-2020-14308", "DEBIANCVE:CVE-2020-14309", "DEBIANCVE:CVE-2020-14310", "DEBIANCVE:CVE-2020-14311", "DEBIANCVE:CVE-2020-14372", "DEBIANCVE:CVE-2020-15705", "DEBIANCVE:CVE-2020-15706", "DEBIANCVE:CVE-2020-15707", "DEBIANCVE:CVE-2020-24977", "DEBIANCVE:CVE-2020-25632", "DEBIANCVE:CVE-2020-27749", "DEBIANCVE:CVE-2020-27779", "DEBIANCVE:CVE-2021-20225", "DEBIANCVE:CVE-2021-20233", "DEBIANCVE:CVE-2021-3516", "DEBIANCVE:CVE-2021-3517", "DEBIANCVE:CVE-2021-3518", "DEBIANCVE:CVE-2021-3537", "DEBIANCVE:CVE-2021-3541"]}, {"type": "f5", "idList": ["F5:K44070243", "F5:K73422160", "F5:K97324400"]}, {"type": "fedora", "idList": ["FEDORA:0311A304C5D2", "FEDORA:04BF76309A15", "FEDORA:1F4D830C7DBF", "FEDORA:1FF6B30C5606", "FEDORA:2C805304C743", "FEDORA:345C8607A30C", "FEDORA:384B96390985", "FEDORA:404B730C2F75", "FEDORA:482AD312AD6B", "FEDORA:49CA3304C366", "FEDORA:4F60F30A106E", "FEDORA:5361730BB4C9", "FEDORA:574BC3099D0A", "FEDORA:591B130E1979", "FEDORA:5DC52306C90A", "FEDORA:72A4E3093B5E", "FEDORA:7FD9A309E3EF", "FEDORA:862DE30A5C4D", "FEDORA:8C9CB30BDABD", "FEDORA:9BC6C307F973", "FEDORA:A3E68610D7CA", "FEDORA:B5B17313A0D2", "FEDORA:B8C523106DFF", "FEDORA:D12B9304C743", "FEDORA:DBF7C3092516", "FEDORA:DDF27606E7CA", "FEDORA:E5CE8640A272", "FEDORA:E700F3072E21", "FEDORA:E96CA304C35D"]}, {"type": "freebsd", "idList": ["524BD03A-BB75-11EB-BF35-080027F515EA", "56BA4513-A1BE-11EB-9072-D4C9EF517024", "5A668AB3-8D86-11EB-B8D6-D4C9EF517024", "9E0C6F7A-D46D-11E9-A1C7-B499BAEBFEAF", "C0C1834C-9761-11EB-ACFD-0022489AD614", "F5ABAFC0-FCF6-11EA-8758-E0D55E2A8BF9"]}, {"type": "gentoo", "idList": ["GLSA-201911-04", "GLSA-202012-13", "GLSA-202103-03", "GLSA-202104-05"]}, {"type": "github", "idList": ["GHSA-83MX-573X-5RW9", "GHSA-84RM-QF37-FGC2", "GHSA-QGM6-9472-PWQ7"]}, {"type": "githubexploit", "idList": ["9AC2B544-AF0D-5667-84C8-3889F70386B2", "C3C9928F-AC84-5B3E-980E-F594CABE8EA3", "F96E9425-1BDA-5323-839C-263FF8413976"]}, {"type": "hackerone", "idList": ["H1:1113025"]}, {"type": "hp", "idList": ["HP:C06707446"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20200923-01-GRUB2"]}, {"type": "ibm", "idList": ["0076A42200CA79BB4F38036CC5133B052749C172669E11C84EDFD56B71758FB7", "023AF7CE811F35CB9EA5BD22171F66AA17D83D1B9FF44FF925D320814BAE40E2", "0A425AE154320282FF38ABB3C8BA8D3AD10793B88A3CFCA031B295F986453B12", "156A423D91231641B7B06703B06D394BB31F565A2A6E565DA370AE1DFE2E3F38", "1A35248CBBA17AE981ED0B52B133E7CA1678042C1A9C93C2EC8BED2EF8994420", "1A8A5E6AC75FF4A1A546DD1431D4E3A224B13E96434DBC2C5C874D7E73D90553", "30A5CA62F6580AAFA852738DF5325C812D685A3292E94F7A9E759C1125E79A0A", "3410A57294243E5BBAFB4C69F17AC837FB02B049396A85D095AF16279272DED9", "39807D1224804C1ED4DF9E9B1CDF9DB3C95A5882806B68B2EFFC0D340A45AD41", "3F34AB5AA343AE750DDC18968E6F874BE99938ACC1A401B2E368156C6C827FD8", "40FF55B5795EDDC89506253F7614F64D589E9F985162917C433828167306DB0E", "4E6353F1062DDEE2F859DA9376A59A0A02E58324E8A0BB460968024ADB369792", "4F8D39F3F464E5E9FD3000C317BC69CF4FEEE9F0605C69E62D810607C6BB87CD", "568C1946F6948551373693B819E984491EDA4324124EB255F933921898311FAA", "6154DEF6F23663D7D1FF5A7AC8111991A9724E8158A01D10C2D5BAC51D31ACFA", "6549F7FB91216E6B5325DB660AF73FDF2D181F5FC1D3D96D412B600D6C349A96", "7721744B6CF259BF11FF7B6430AE43A25D620EF548BC9DF53A5A8B7DB5079B31", "8CB93770328F2819DE92FFEB5767258BAD5A547F304198FB72E85CAB4E4E55B4", "8F36292DD2EC673F77E7D26F88D6129155EA165304B1A957E549DC327B6DCB50", "981346B4F2948F216BED89C4CD8BE79AD6F63DE1FBA4E88FB16B5600DC4A27C5", "B71E0BF361A8070A23A3F1A12855E8451A139F411163CC699F31E14C71A1F3EA", "E07C0C4D82739BCF3EC12790499FE045BA8E517D49D7B04601CDBB95AF91DA23"]}, {"type": "ics", "idList": ["ICSA-13-011-01", "ICSA-13-149-01", "ICSA-19-255-02", "ICSA-20-282-01"]}, {"type": "kaspersky", "idList": ["KLA11584", "KLA11641"]}, {"type": "lenovo", "idList": ["LENOVO:PS500336-NOSID"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/AMAZON-LINUX-AMI-2-CVE-2021-23841/", "MSF:ILITIES/CENTOS_LINUX-CVE-2020-14372/", "MSF:ILITIES/CENTOS_LINUX-CVE-2020-27779/", "MSF:ILITIES/CENTOS_LINUX-CVE-2021-20225/", "MSF:ILITIES/DEBIAN-CVE-2020-14309/", "MSF:ILITIES/DEBIAN-CVE-2020-14310/", "MSF:ILITIES/DEBIAN-CVE-2020-14311/", "MSF:ILITIES/GENTOO-LINUX-CVE-2020-14309/", "MSF:ILITIES/GENTOO-LINUX-CVE-2020-14310/", "MSF:ILITIES/GENTOO-LINUX-CVE-2020-14311/", "MSF:ILITIES/HTTP-OPENSSL-CVE-2020-1971/", "MSF:ILITIES/HTTP-OPENSSL-CVE-2021-23841/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP8-CVE-2020-14309/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP8-CVE-2020-14310/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP8-CVE-2020-14311/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP8-CVE-2021-23841/", "MSF:ILITIES/ORACLE_LINUX-CVE-2020-27749/", "MSF:ILITIES/REDHAT_LINUX-CVE-2020-15707/", "MSF:ILITIES/REDHAT_LINUX-CVE-2020-27749/", "MSF:ILITIES/REDHAT_LINUX-CVE-2020-27779/", "MSF:ILITIES/REDHAT_LINUX-CVE-2021-20225/", "MSF:ILITIES/SUSE-CVE-2020-27749/", "MSF:ILITIES/SUSE-CVE-2020-27779/", "MSF:ILITIES/SUSE-CVE-2021-20225/", "MSF:ILITIES/SUSE-CVE-2021-20233/", "MSF:ILITIES/UBUNTU-CVE-2020-14311/", "MSF:ILITIES/UBUNTU-CVE-2021-23841/"]}, {"type": "mscve", "idList": ["MS:ADV200011"]}, {"type": "nessus", "idList": ["AL2_ALAS-2021-1622.NASL", "ALA_ALAS-2020-1344.NASL", "APPLE_IOS_146_CHECK.NBIN", "APPLE_IOS_147_CHECK.NBIN", "CENTOS8_RHSA-2021-1024.NASL", "CENTOS8_RHSA-2021-1597.NASL", "CENTOS_RHSA-2020-3217.NASL", "DEBIAN_DLA-2669.NASL", "DEBIAN_DSA-4735.NASL", "DEBIAN_DSA-4875.NASL", "EULEROS_SA-2019-2097.NASL", "EULEROS_SA-2019-2098.NASL", "EULEROS_SA-2019-2216.NASL", "EULEROS_SA-2019-2218.NASL", "EULEROS_SA-2019-2254.NASL", "EULEROS_SA-2019-2264.NASL", "EULEROS_SA-2020-1221.NASL", "EULEROS_SA-2021-1014.NASL", "EULEROS_SA-2021-1033.NASL", "EULEROS_SA-2021-1047.NASL", "EULEROS_SA-2021-1714.NASL", "EULEROS_SA-2021-1721.NASL", "EULEROS_SA-2021-1740.NASL", "EULEROS_SA-2021-1741.NASL", "EULEROS_SA-2021-1794.NASL", "EULEROS_SA-2021-1825.NASL", "EULEROS_SA-2021-1826.NASL", "EULEROS_SA-2021-1875.NASL", "EULEROS_SA-2021-1882.NASL", "EULEROS_SA-2021-1900.NASL", "EULEROS_SA-2021-1907.NASL", "EULEROS_SA-2021-1908.NASL", "EULEROS_SA-2021-1909.NASL", "EULEROS_SA-2021-1927.NASL", "EULEROS_SA-2021-1935.NASL", "EULEROS_SA-2021-1948.NASL", "EULEROS_SA-2021-1956.NASL", "EULEROS_SA-2021-1960.NASL", "EULEROS_SA-2021-1970.NASL", "EULEROS_SA-2021-2456.NASL", "EULEROS_SA-2021-2508.NASL", "EULEROS_SA-2021-2542.NASL", "EULEROS_SA-2021-2566.NASL", "EULEROS_SA-2021-2833.NASL", "FEDORA_2020-41FE1680F6.NASL", "FEDORA_2020-7773C53BC8.NASL", "FEDORA_2020-7DD29DACAD.NASL", "FEDORA_2020-935F62C3D9.NASL", "FEDORA_2020-A31B01E945.NASL", "FEDORA_2020-B60DBDD538.NASL", "FEDORA_2020-B6AAF25741.NASL", "FEDORA_2020-FF317550E4.NASL", "FREEBSD_PKG_524BD03ABB7511EBBF35080027F515EA.NASL", "FREEBSD_PKG_56BA4513A1BE11EB9072D4C9EF517024.NASL", "FREEBSD_PKG_5A668AB38D8611EBB8D6D4C9EF517024.NASL", "FREEBSD_PKG_C0C1834C976111EBACFD0022489AD614.NASL", "FREEBSD_PKG_F5ABAFC0FCF611EA8758E0D55E2A8BF9.NASL", "GENTOO_GLSA-201911-04.NASL", "GENTOO_GLSA-202012-13.NASL", "GENTOO_GLSA-202103-03.NASL", "GENTOO_GLSA-202104-05.NASL", "LCE_6_0_9.NASL", "MACOS_HT212529.NASL", "MACOS_HT212602.NASL", "MYSQL_ENTERPRISE_MONITOR_8_0_24.NASL", "OPENSUSE-2017-942.NASL", "OPENSUSE-2020-1465.NASL", "OPENSUSE-2020-681.NASL", "OPENSUSE-2021-1059.NASL", "OPENSUSE-2021-1061.NASL", "OPENSUSE-2021-476.NASL", "OPENSUSE-2021-692.NASL", "OPENSUSE-2021-764.NASL", "ORACLELINUX_ELSA-2020-4479.NASL", "ORACLELINUX_ELSA-2020-5782.NASL", "ORACLELINUX_ELSA-2020-5786.NASL", "ORACLELINUX_ELSA-2021-1024.NASL", "ORACLELINUX_ELSA-2021-1597.NASL", "ORACLELINUX_ELSA-2021-3798.NASL", "ORACLELINUX_ELSA-2021-9121.NASL", "ORACLELINUX_ELSA-2021-9137.NASL", "ORACLELINUX_ELSA-2021-9150.NASL", "ORACLELINUX_ELSA-2021-9151.NASL", "ORACLEVM_OVMSA-2021-0011.NASL", "ORACLE_BI_PUBLISHER_APR_2021_CPU.NASL", "ORACLE_ENTERPRISE_MANAGER_CPU_JUL_2021.NASL", "ORACLE_ENTERPRISE_MANAGER_OPS_CENTER_APR_2021_CPU.NASL", "ORACLE_MYSQL_WORKBENCH_8_0_23.NASL", "ORACLE_NOSQL_CPU_APR_2021.NASL", "PHOTONOS_PHSA-2020-1_0-0311_GRUB2.NASL", "PHOTONOS_PHSA-2020-2_0-0267_GRUB2.NASL", "PHOTONOS_PHSA-2020-2_0-0285_LIBXML2.NASL", "PHOTONOS_PHSA-2020-3_0-0142_LIBXML2.NASL", "PHOTONOS_PHSA-2021-1_0-0376_GRUB2.NASL", "PHOTONOS_PHSA-2021-2_0-0331_NXTGN.NASL", "PHOTONOS_PHSA-2021-2_0-0334_GRUB2.NASL", "PHOTONOS_PHSA-2021-2_0-0351_LIBXML2.NASL", "PHOTONOS_PHSA-2021-3_0-0210_NXTGN.NASL", "PHOTONOS_PHSA-2021-3_0-0246_LIBXML2.NASL", "PHOTONOS_PHSA-2021-4_0-0007_MYSQL.NASL", "PHOTONOS_PHSA-2021-4_0-0007_OPENSSL.NASL", "PHOTONOS_PHSA-2021-4_0-0035_LIBXML2.NASL", "REDHAT-RHSA-2020-1840.NASL", "REDHAT-RHSA-2020-3216.NASL", "REDHAT-RHSA-2020-3217.NASL", "REDHAT-RHSA-2020-3223.NASL", "REDHAT-RHSA-2020-3227.NASL", "REDHAT-RHSA-2020-4479.NASL", "REDHAT-RHSA-2020-5637.NASL", "REDHAT-RHSA-2020-5639.NASL", "REDHAT-RHSA-2020-5640.NASL", "REDHAT-RHSA-2020-5641.NASL", "REDHAT-RHSA-2020-5642.NASL", "REDHAT-RHSA-2021-1024.NASL", "REDHAT-RHSA-2021-1063.NASL", "REDHAT-RHSA-2021-1131.NASL", "REDHAT-RHSA-2021-1189.NASL", "REDHAT-RHSA-2021-1195.NASL", "REDHAT-RHSA-2021-1199.NASL", "REDHAT-RHSA-2021-1202.NASL", "REDHAT-RHSA-2021-1597.NASL", "REDHAT-RHSA-2021-1734.NASL", "REDHAT-RHSA-2021-2790.NASL", "REDHAT-RHSA-2021-3675.NASL", "SECURITYCENTER_5_17_0_TNS_2020_11.NASL", "SECURITYCENTER_5_17_0_TNS_2021_06.NASL", "SECURITYCENTER_OPENSSL_1_1_1K_TNS_2021_03.NASL", "SLACKWARE_SSA_2021-135-01.NASL", "SMB_NT_MS21_OCT_VISUAL_STUDIO.NASL", "SOLARIS_JUL2021_SRU11_3_36_26_0.NASL", "SUSE_SU-2017-2115-1.NASL", "SUSE_SU-2017-2141-1.NASL", "SUSE_SU-2019-14171-1.NASL", "SUSE_SU-2019-14174-1.NASL", "SUSE_SU-2019-14249-1.NASL", "SUSE_SU-2020-1299-1.NASL", "SUSE_SU-2020-14440-1.NASL", "SUSE_SU-2020-14461-1.NASL", "SUSE_SU-2020-14490-1.NASL", "SUSE_SU-2020-14560-1.NASL", "SUSE_SU-2020-2073-1.NASL", "SUSE_SU-2020-2074-1.NASL", "SUSE_SU-2020-2076-1.NASL", "SUSE_SU-2020-2077-1.NASL", "SUSE_SU-2020-2078-1.NASL", "SUSE_SU-2020-2079-1.NASL", "SUSE_SU-2021-0939-1.NASL", "SUSE_SU-2021-0954-1.NASL", "SUSE_SU-2021-0955-1.NASL", "SUSE_SU-2021-14659-1.NASL", "SUSE_SU-2021-14667-1.NASL", "SUSE_SU-2021-14670-1.NASL", "SUSE_SU-2021-1654-1.NASL", "SUSE_SU-2021-1658-1.NASL", "SUSE_SU-2021-1917-1.NASL", "SUSE_SU-2021-2016-1.NASL", "UBUNTU_USN-4376-1.NASL", "UBUNTU_USN-4432-1.NASL", "UBUNTU_USN-4891-1.NASL", "UBUNTU_USN-4991-1.NASL", "UBUNTU_USN-4992-1.NASL", "UBUNTU_USN-5088-1.NASL", "WINDOWS_UEFI_BOOTHOLE.NBIN"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2021-23840"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310142887", "OPENVAS:1361412562310142888", "OPENVAS:1361412562310142889", "OPENVAS:1361412562310142890", "OPENVAS:1361412562310704539", "OPENVAS:1361412562310704540", "OPENVAS:1361412562310844450", "OPENVAS:1361412562310852713", "OPENVAS:1361412562310852728", "OPENVAS:1361412562310853172", "OPENVAS:1361412562310876847", "OPENVAS:1361412562310876866", "OPENVAS:1361412562310877472", "OPENVAS:1361412562310891932", "OPENVAS:1361412562311220192211", "OPENVAS:1361412562311220201221"]}, {"type": "oracle", "idList": ["ORACLE:CPUOCT2019-5072832"]}, {"type": "oraclelinux", "idList": ["ELSA-2020-1840", "ELSA-2020-3218", "ELSA-2020-3220", "ELSA-2020-4431", "ELSA-2020-4436", "ELSA-2020-4479", "ELSA-2020-5782", "ELSA-2020-5786", "ELSA-2020-5790", "ELSA-2021-1024", "ELSA-2021-1597", "ELSA-2021-3798", "ELSA-2021-9121", "ELSA-2021-9137", "ELSA-2021-9151", "ELSA-2021-9478"]}, {"type": "photon", "idList": ["PHSA-2017-0029", "PHSA-2019-2.0-0177", "PHSA-2019-3.0-0032", "PHSA-2019-3.0-0033", "PHSA-2020-0272", "PHSA-2020-1.0-0272", "PHSA-2020-1.0-0311", "PHSA-2020-1.0-0325", "PHSA-2020-1.0-0345", "PHSA-2020-2.0-0225", "PHSA-2020-2.0-0267", "PHSA-2020-2.0-0285", "PHSA-2020-2.0-0304", "PHSA-2020-3.0-0067", "PHSA-2020-3.0-0120", "PHSA-2020-3.0-0142", "PHSA-2020-3.0-0175", "PHSA-2021-0366", "PHSA-2021-0376", "PHSA-2021-0399", "PHSA-2021-1.0-0366", "PHSA-2021-1.0-0376", "PHSA-2021-2.0-0325", "PHSA-2021-2.0-0331", "PHSA-2021-2.0-0334", "PHSA-2021-2.0-0351", "PHSA-2021-3.0-0200", "PHSA-2021-3.0-0202", "PHSA-2021-3.0-0210", "PHSA-2021-3.0-0246", "PHSA-2021-4.0-0001", "PHSA-2021-4.0-0007", "PHSA-2021-4.0-0035"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:4DA175A5FB10CC3E64B58AB0536688A4"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:73EAE8A2825E9B6764F314122B4E5F25"]}, {"type": "redhat", "idList": ["RHSA-2020:3216", "RHSA-2020:3217", "RHSA-2020:3223", "RHSA-2020:3227", "RHSA-2020:3273", "RHSA-2020:3274", "RHSA-2020:3275", "RHSA-2020:3276", "RHSA-2020:5637", "RHSA-2021:1129", "RHSA-2021:1597", "RHSA-2021:2021", "RHSA-2021:2532"]}, {"type": "redhatcve", "idList": ["RH:CVE-2020-14372", "RH:CVE-2020-1971", "RH:CVE-2020-25632", "RH:CVE-2020-27749", "RH:CVE-2020-27779", "RH:CVE-2020-36242", "RH:CVE-2021-20225", "RH:CVE-2021-20233", "RH:CVE-2021-23840", "RH:CVE-2021-23841", "RH:CVE-2021-3418", "RH:CVE-2021-3449", "RH:CVE-2021-3516", "RH:CVE-2021-3517", "RH:CVE-2021-3518", "RH:CVE-2021-3537"]}, {"type": "rocky", "idList": ["RLSA-2021:2569"]}, {"type": "rustsec", "idList": ["RUSTSEC-2021-0055", "RUSTSEC-2021-0057", "RUSTSEC-2021-0058"]}, {"type": "seebug", "idList": ["SSV:99170"]}, {"type": "slackware", "idList": ["SSA-2019-254-03", "SSA-2021-135-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:2158-1", "OPENSUSE-SU-2019:2189-1", "OPENSUSE-SU-2019:2268-1", "OPENSUSE-SU-2019:2269-1", "OPENSUSE-SU-2020:0681-1"]}, {"type": "symantec", "idList": ["SMNTC-1768", "SMNTC-17849"]}, {"type": "thn", "idList": ["THN:885767C284ED14ED2B32F6713F9AA21F", "THN:D65992731CD4A3B443CD2E03761CE18B"]}, {"type": "threatpost", "idList": ["THREATPOST:134A95E2E7432DE5E6F46316E469C55B", "THREATPOST:3D7559852080DD2D74780AC6D5F191C7", "THREATPOST:75B109B5B464EBEE349E710C31FA89E1", "THREATPOST:C408DF21547B7B4327FBAB82B97A4C96", "THREATPOST:D2BB5A9DDB021A7E256A4E0D8A6BDA55"]}, {"type": "ubuntu", "idList": ["USN-4376-1", "USN-4432-1", "USN-4891-1", "USN-4991-1", "USN-4992-1", "USN-5088-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-3449", "UB:CVE-2021-3516", "UB:CVE-2021-3517", "UB:CVE-2021-3518", "UB:CVE-2021-3537", "UB:CVE-2021-3541"]}]}, "exploitation": null, "vulnersScore": -0.3}, "_state": {"dependencies": 1660032824, "score": 1660033902}, "_internal": {"score_hash": "80c7c60c8da0bec4a31803677e9b15ae"}}

{"gentoo": [{"lastseen": "2022-01-17T18:59:31", "description": "### Background\n\nGNU GRUB is a multiboot boot loader used by most Linux systems.\n\n### Description\n\nMultiple vulnerabilities have been discovered in GRUB. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nPlease review the referenced CVE identifiers for details.\n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll GRUB users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=sys-devel/grub-2.06_rc1\"\n \n\nAfter upgrading, make sure to run the grub-install command with options appropriate for your system. See the GRUB Quick Start guide in the references below for examples. Your system will be vulnerable until this action is performed.", "cvss3": {"exploitabilityScore": 1.5, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.2, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 6.0}, "published": "2021-04-30T00:00:00", "type": "gentoo", "title": "GRUB: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10713", "CVE-2020-14308", "CVE-2020-14309", "CVE-2020-14310", "CVE-2020-14311", "CVE-2020-14372", "CVE-2020-15705", "CVE-2020-15706", "CVE-2020-15707", "CVE-2020-25632", "CVE-2020-25647", "CVE-2020-27749", "CVE-2020-27779", "CVE-2021-20225", "CVE-2021-20233"], "modified": "2021-04-30T00:00:00", "id": "GLSA-202104-05", "href": "https://security.gentoo.org/glsa/202104-05", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-17T18:57:31", "description": "### Background\n\nlibxml2 is the XML (eXtended Markup Language) C parser and toolkit initially developed for the GNOME project. \n\n### Description\n\nMultiple vulnerabilities have been discovered in libxml2. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could entice a user to process a specially crafted XML document using an application linked against libxml2, possibly resulting in a Denial of Service condition or obtaining sensitive information. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll libxml2 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/libxml2-2.9.12-r3\"", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-07-06T00:00:00", "type": "gentoo", "title": "libxml2: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-24977", "CVE-2021-3516", "CVE-2021-3517", "CVE-2021-3518", "CVE-2021-3537", "CVE-2021-3541"], "modified": "2021-07-06T00:00:00", "id": "GLSA-202107-05", "href": "https://security.gentoo.org/glsa/202107-05", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2022-07-31T15:34:01", "description": "The remote host is affected by the vulnerability described in GLSA-202104-05 (GRUB: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in GRUB. Please review the CVE identifiers referenced below for details.\n Impact :\n\n Please review the referenced CVE identifiers for details.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": 8.2, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}, "published": "2021-05-03T00:00:00", "type": "nessus", "title": "GLSA-202104-05 : GRUB: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10713", "CVE-2020-14308", "CVE-2020-14309", "CVE-2020-14310", "CVE-2020-14311", "CVE-2020-14372", "CVE-2020-15705", "CVE-2020-15706", "CVE-2020-15707", "CVE-2020-25632", "CVE-2020-25647", "CVE-2020-27749", "CVE-2020-27779", "CVE-2021-20225", "CVE-2021-20233"], "modified": "2021-05-05T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:grub", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-202104-05.NASL", "href": "https://www.tenable.com/plugins/nessus/149217", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 202104-05.\n#\n# The advisory text is Copyright (C) 2001-2021 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(149217);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/05/05\");\n\n script_cve_id(\"CVE-2020-10713\", \"CVE-2020-14308\", \"CVE-2020-14309\", \"CVE-2020-14310\", \"CVE-2020-14311\", \"CVE-2020-14372\", \"CVE-2020-15705\", \"CVE-2020-15706\", \"CVE-2020-15707\", \"CVE-2020-25632\", \"CVE-2020-25647\", \"CVE-2020-27749\", \"CVE-2020-27779\", \"CVE-2021-20225\", \"CVE-2021-20233\");\n script_xref(name:\"GLSA\", value:\"202104-05\");\n\n script_name(english:\"GLSA-202104-05 : GRUB: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote host is affected by the vulnerability described in GLSA-202104-05\n(GRUB: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in GRUB. Please review the\n CVE identifiers referenced below for details.\n \nImpact :\n\n Please review the referenced CVE identifiers for details.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://wiki.gentoo.org/wiki/GRUB2_Quick_Start\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/202104-05\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"All GRUB users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=sys-devel/grub-2.06_rc1'\n After upgrading, make sure to run the grub-install command with options\n appropriate for your system. See the GRUB Quick Start guide in the\n references below for examples. Your system will be vulnerable until this\n action is performed.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:grub\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/05/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"sys-devel/grub\", unaffected:make_list(\"ge 2.06_rc1\"), vulnerable:make_list(\"lt 2.06_rc1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"GRUB\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-07-31T16:35:14", "description": "The remote Windows host is missing an update to the Secure Boot DBX. It is, therefore, affected by multiple vulnerabilities:\n\n - A flaw was found in grub2 in versions prior to 2.06. The rmmod implementation allows the unloading of a module used as a dependency without checking if any other dependent module is still loaded leading to a use-after-free scenario. This could allow arbitrary code to be executed or a bypass of Secure Boot protections. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.\n (CVE-2020-25632)\n\n - A flaw was found in grub2 in versions prior to 2.06. Setparam_prefix() in the menu rendering code performs a length calculation on the assumption that expressing a quoted single quote will require 3 characters, while it actually requires 4 characters which allows an attacker to corrupt memory by one byte for each quote in the input. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2021-20233)\n\n\nAdditionally, the host is affected by several other security feature bypasses in Secure Boot.\n\nNote: Tenable is testing for the presence of the expected signatures added in the March 2021 DBX update referenced in the vendor advisory.", "cvss3": {"score": 8.2, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}, "published": "2020-07-31T00:00:00", "type": "nessus", "title": "Windows Security Feature Bypass in Secure Boot (BootHole)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10713", "CVE-2020-14308", "CVE-2020-14309", "CVE-2020-14310", "CVE-2020-14311", "CVE-2020-14372", "CVE-2020-15705", "CVE-2020-15706", "CVE-2020-15707", "CVE-2020-25632", "CVE-2020-25647", "CVE-2020-27749", "CVE-2020-27779", "CVE-2021-20225", "CVE-2021-20233", "CVE-2021-3418"], "modified": "2022-07-19T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "WINDOWS_UEFI_BOOTHOLE.NBIN", "href": "https://www.tenable.com/plugins/nessus/139239", "sourceData": "Binary data windows_uefi_boothole.nbin", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-07-31T16:36:53", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3274 advisory.\n\n - grub2: Crafted grub.cfg file can lead to arbitrary code execution during boot process (CVE-2020-10713)\n\n - grub2: grub_malloc does not validate allocation size allowing for arithmetic overflow and subsequent heap- based buffer overflow (CVE-2020-14308)\n\n - grub2: Integer overflow in grub_squash_read_symlink may lead to heap-based buffer overflow (CVE-2020-14309)\n\n - grub2: Integer overflow read_section_as_string may lead to heap-based buffer overflow (CVE-2020-14310)\n\n - grub2: Integer overflow in grub_ext2_read_link leads to heap-based buffer overflow (CVE-2020-14311)\n\n - grub2: Fail kernel validation without shim protocol (CVE-2020-15705)\n\n - grub2: Use-after-free redefining a function whilst the same function is already executing (CVE-2020-15706)\n\n - grub2: Integer overflow in initrd size handling (CVE-2020-15707)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.2, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}, "published": "2020-08-03T00:00:00", "type": "nessus", "title": "RHEL 7 : grub2 (RHSA-2020:3274)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10713", "CVE-2020-14308", "CVE-2020-14309", "CVE-2020-14310", "CVE-2020-14311", "CVE-2020-15705", "CVE-2020-15706", "CVE-2020-15707"], "modified": "2022-05-12T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:7.7", "cpe:/o:redhat:rhel_e4s:7.6", "cpe:/o:redhat:rhel_e4s:7.7", "cpe:/o:redhat:rhel_eus:7.7", "cpe:/o:redhat:rhel_tus:7.7", "p-cpe:/a:redhat:enterprise_linux:fwupdate", "p-cpe:/a:redhat:enterprise_linux:fwupdate-devel", "p-cpe:/a:redhat:enterprise_linux:fwupdate-efi", "p-cpe:/a:redhat:enterprise_linux:fwupdate-libs", "p-cpe:/a:redhat:enterprise_linux:grub2", "p-cpe:/a:redhat:enterprise_linux:grub2-common", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-aa64-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32-cdboot", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64-cdboot", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-pc", "p-cpe:/a:redhat:enterprise_linux:grub2-pc-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-ppc-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-ppc64", "p-cpe:/a:redhat:enterprise_linux:grub2-ppc64-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-ppc64le", "p-cpe:/a:redhat:enterprise_linux:grub2-ppc64le-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-tools", "p-cpe:/a:redhat:enterprise_linux:grub2-tools-extra", "p-cpe:/a:redhat:enterprise_linux:grub2-tools-minimal", "p-cpe:/a:redhat:enterprise_linux:mokutil", "p-cpe:/a:redhat:enterprise_linux:shim-ia32", "p-cpe:/a:redhat:enterprise_linux:shim-unsigned-ia32", "p-cpe:/a:redhat:enterprise_linux:shim-unsigned-x64", "p-cpe:/a:redhat:enterprise_linux:shim-x64"], "id": "REDHAT-RHSA-2020-3274.NASL", "href": "https://www.tenable.com/plugins/nessus/139294", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:3274. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(139294);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\n \"CVE-2020-10713\",\n \"CVE-2020-14308\",\n \"CVE-2020-14309\",\n \"CVE-2020-14310\",\n \"CVE-2020-14311\",\n \"CVE-2020-15705\",\n \"CVE-2020-15706\",\n \"CVE-2020-15707\"\n );\n script_xref(name:\"RHSA\", value:\"2020:3274\");\n script_xref(name:\"IAVA\", value:\"2020-A-0349\");\n\n script_name(english:\"RHEL 7 : grub2 (RHSA-2020:3274)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:3274 advisory.\n\n - grub2: Crafted grub.cfg file can lead to arbitrary code execution during boot process (CVE-2020-10713)\n\n - grub2: grub_malloc does not validate allocation size allowing for arithmetic overflow and subsequent heap-\n based buffer overflow (CVE-2020-14308)\n\n - grub2: Integer overflow in grub_squash_read_symlink may lead to heap-based buffer overflow\n (CVE-2020-14309)\n\n - grub2: Integer overflow read_section_as_string may lead to heap-based buffer overflow (CVE-2020-14310)\n\n - grub2: Integer overflow in grub_ext2_read_link leads to heap-based buffer overflow (CVE-2020-14311)\n\n - grub2: Fail kernel validation without shim protocol (CVE-2020-15705)\n\n - grub2: Use-after-free redefining a function whilst the same function is already executing (CVE-2020-15706)\n\n - grub2: Integer overflow in initrd size handling (CVE-2020-15707)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/78.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/122.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/190.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/416.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/440.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/787.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-10713\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-14308\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-14309\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-14310\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-14311\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-15705\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-15706\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-15707\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:3274\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1825243\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1852009\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1852014\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1852022\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1852030\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1860978\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1861118\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1861581\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14309\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-10713\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(78, 122, 190, 416, 440, 787);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:7.7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:7.7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:7.7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:7.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:fwupdate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:fwupdate-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:fwupdate-efi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:fwupdate-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-aa64-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32-cdboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64-cdboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-pc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-pc-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-ppc-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-ppc64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-ppc64-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-ppc64le\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-ppc64le-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-tools-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-tools-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mokutil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:shim-ia32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:shim-unsigned-ia32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:shim-unsigned-x64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:shim-x64\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'rhel_aus_7_7_server': [\n 'rhel-7-server-aus-debug-rpms',\n 'rhel-7-server-aus-debug-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-aus-optional-debug-rpms',\n 'rhel-7-server-aus-optional-debug-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-aus-optional-rpms',\n 'rhel-7-server-aus-optional-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-aus-optional-source-rpms',\n 'rhel-7-server-aus-optional-source-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-aus-rpms',\n 'rhel-7-server-aus-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-aus-source-rpms',\n 'rhel-7-server-aus-source-rpms__7_DOT_7__x86_64'\n ],\n 'rhel_e4s_7_6_server': [\n 'rhel-7-server-aus-debug-rpms',\n 'rhel-7-server-aus-optional-debug-rpms',\n 'rhel-7-server-aus-optional-rpms',\n 'rhel-7-server-aus-optional-source-rpms',\n 'rhel-7-server-aus-rpms',\n 'rhel-7-server-aus-source-rpms',\n 'rhel-7-server-e4s-debug-rpms',\n 'rhel-7-server-e4s-debug-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-e4s-optional-debug-rpms',\n 'rhel-7-server-e4s-optional-debug-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-e4s-optional-debug-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-e4s-optional-rpms',\n 'rhel-7-server-e4s-optional-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-e4s-optional-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-e4s-optional-source-rpms',\n 'rhel-7-server-e4s-optional-source-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-e4s-optional-source-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-e4s-rpms',\n 'rhel-7-server-e4s-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-e4s-source-rpms',\n 'rhel-7-server-e4s-source-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-tus-debug-rpms',\n 'rhel-7-server-tus-optional-debug-rpms',\n 'rhel-7-server-tus-optional-rpms',\n 'rhel-7-server-tus-optional-source-rpms',\n 'rhel-7-server-tus-source-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-debug-rpms__7_DOT_6__x86_64',\n 'rhel-ha-for-rhel-7-server-e4s-debug-rpms__7_DOT_7__x86_64',\n 'rhel-ha-for-rhel-7-server-e4s-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-rpms__7_DOT_6__x86_64',\n 'rhel-ha-for-rhel-7-server-e4s-rpms__7_DOT_7__x86_64',\n 'rhel-ha-for-rhel-7-server-e4s-source-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-source-rpms__7_DOT_6__x86_64',\n 'rhel-ha-for-rhel-7-server-e4s-source-rpms__7_DOT_7__x86_64'\n ],\n 'rhel_e4s_7_7_server': [\n 'rhel-7-server-aus-debug-rpms',\n 'rhel-7-server-aus-rpms',\n 'rhel-7-server-aus-source-rpms',\n 'rhel-7-server-e4s-debug-rpms',\n 'rhel-7-server-e4s-debug-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-e4s-rpms',\n 'rhel-7-server-e4s-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-e4s-source-rpms',\n 'rhel-7-server-e4s-source-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-tus-debug-rpms',\n 'rhel-7-server-tus-rpms',\n 'rhel-7-server-tus-source-rpms'\n ],\n 'rhel_eus_7_7_computenode': [\n 'rhel-7-hpc-node-eus-debug-rpms',\n 'rhel-7-hpc-node-eus-debug-rpms__7_DOT_7__x86_64',\n 'rhel-7-hpc-node-eus-optional-debug-rpms',\n 'rhel-7-hpc-node-eus-optional-debug-rpms__7_DOT_7__x86_64',\n 'rhel-7-hpc-node-eus-optional-rpms',\n 'rhel-7-hpc-node-eus-optional-rpms__7_DOT_7__x86_64',\n 'rhel-7-hpc-node-eus-optional-source-rpms',\n 'rhel-7-hpc-node-eus-optional-source-rpms__7_DOT_7__x86_64',\n 'rhel-7-hpc-node-eus-rpms',\n 'rhel-7-hpc-node-eus-rpms__7_DOT_7__x86_64',\n 'rhel-7-hpc-node-eus-source-rpms',\n 'rhel-7-hpc-node-eus-source-rpms__7_DOT_7__x86_64'\n ],\n 'rhel_eus_7_7_server': [\n 'rhel-7-server-aus-debug-rpms',\n 'rhel-7-server-aus-optional-debug-rpms',\n 'rhel-7-server-aus-optional-rpms',\n 'rhel-7-server-aus-optional-source-rpms',\n 'rhel-7-server-aus-rpms',\n 'rhel-7-server-aus-source-rpms',\n 'rhel-7-server-e4s-debug-rpms',\n 'rhel-7-server-e4s-optional-debug-rpms',\n 'rhel-7-server-e4s-optional-rpms',\n 'rhel-7-server-e4s-optional-source-rpms',\n 'rhel-7-server-e4s-rpms',\n 'rhel-7-server-e4s-source-rpms',\n 'rhel-7-server-eus-debug-rpms',\n 'rhel-7-server-eus-debug-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-eus-optional-debug-rpms',\n 'rhel-7-server-eus-optional-debug-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-eus-optional-rpms',\n 'rhel-7-server-eus-optional-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-eus-optional-source-rpms',\n 'rhel-7-server-eus-optional-source-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-eus-rpms',\n 'rhel-7-server-eus-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-eus-source-rpms',\n 'rhel-7-server-eus-source-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-tus-debug-rpms',\n 'rhel-7-server-tus-optional-debug-rpms',\n 'rhel-7-server-tus-optional-rpms',\n 'rhel-7-server-tus-optional-source-rpms',\n 'rhel-7-server-tus-rpms',\n 'rhel-7-server-tus-source-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-source-rpms',\n 'rhel-ha-for-rhel-7-server-eus-debug-rpms',\n 'rhel-ha-for-rhel-7-server-eus-debug-rpms__7_DOT_7__x86_64',\n 'rhel-ha-for-rhel-7-server-eus-rpms',\n 'rhel-ha-for-rhel-7-server-eus-rpms__7_DOT_7__x86_64',\n 'rhel-ha-for-rhel-7-server-eus-source-rpms',\n 'rhel-ha-for-rhel-7-server-eus-source-rpms__7_DOT_7__x86_64',\n 'rhel-ha-for-rhel-7-server-tus-debug-rpms',\n 'rhel-ha-for-rhel-7-server-tus-rpms',\n 'rhel-ha-for-rhel-7-server-tus-source-rpms',\n 'rhel-rs-for-rhel-7-server-eus-debug-rpms',\n 'rhel-rs-for-rhel-7-server-eus-debug-rpms__7_DOT_7__x86_64',\n 'rhel-rs-for-rhel-7-server-eus-rpms',\n 'rhel-rs-for-rhel-7-server-eus-rpms__7_DOT_7__x86_64',\n 'rhel-rs-for-rhel-7-server-eus-source-rpms',\n 'rhel-rs-for-rhel-7-server-eus-source-rpms__7_DOT_7__x86_64'\n ],\n 'rhel_extras_sap_e4s_7_7': [\n 'rhel-sap-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-debug-rpms__7_DOT_7__x86_64',\n 'rhel-sap-for-rhel-7-server-e4s-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-rpms__7_DOT_7__x86_64',\n 'rhel-sap-for-rhel-7-server-e4s-source-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-source-rpms__7_DOT_7__x86_64'\n ],\n 'rhel_extras_sap_eus_7_7': [\n 'rhel-sap-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-source-rpms',\n 'rhel-sap-for-rhel-7-server-eus-debug-rpms',\n 'rhel-sap-for-rhel-7-server-eus-debug-rpms__7_DOT_7__x86_64',\n 'rhel-sap-for-rhel-7-server-eus-rpms',\n 'rhel-sap-for-rhel-7-server-eus-rpms__7_DOT_7__x86_64',\n 'rhel-sap-for-rhel-7-server-eus-source-rpms',\n 'rhel-sap-for-rhel-7-server-eus-source-rpms__7_DOT_7__x86_64'\n ],\n 'rhel_extras_sap_hana_e4s_7_7': [\n 'rhel-sap-hana-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-debug-rpms__7_DOT_7__x86_64',\n 'rhel-sap-hana-for-rhel-7-server-e4s-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-rpms__7_DOT_7__x86_64',\n 'rhel-sap-hana-for-rhel-7-server-e4s-source-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-source-rpms__7_DOT_7__x86_64'\n ],\n 'rhel_extras_sap_hana_eus_7_7': [\n 'rhel-sap-hana-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-source-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-debug-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-debug-rpms__7_DOT_7__x86_64',\n 'rhel-sap-hana-for-rhel-7-server-eus-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-rpms__7_DOT_7__x86_64',\n 'rhel-sap-hana-for-rhel-7-server-eus-source-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-source-rpms__7_DOT_7__x86_64'\n ],\n 'rhel_tus_7_7_server': [\n 'rhel-7-server-tus-debug-rpms',\n 'rhel-7-server-tus-debug-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-tus-optional-debug-rpms',\n 'rhel-7-server-tus-optional-debug-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-tus-optional-rpms',\n 'rhel-7-server-tus-optional-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-tus-optional-source-rpms',\n 'rhel-7-server-tus-optional-source-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-tus-rpms',\n 'rhel-7-server-tus-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-tus-source-rpms',\n 'rhel-7-server-tus-source-rpms__7_DOT_7__x86_64',\n 'rhel-ha-for-rhel-7-server-tus-debug-rpms',\n 'rhel-ha-for-rhel-7-server-tus-debug-rpms__7_DOT_7__x86_64',\n 'rhel-ha-for-rhel-7-server-tus-rpms',\n 'rhel-ha-for-rhel-7-server-tus-rpms__7_DOT_7__x86_64',\n 'rhel-ha-for-rhel-7-server-tus-source-rpms',\n 'rhel-ha-for-rhel-7-server-tus-source-rpms__7_DOT_7__x86_64'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'fwupdate-12-6.el7_7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'fwupdate-devel-12-6.el7_7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'fwupdate-efi-12-6.el7_7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'fwupdate-libs-12-6.el7_7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'grub2-2.02-0.86.el7_7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'grub2-common-2.02-0.86.el7_7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'grub2-efi-aa64-modules-2.02-0.86.el7_7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'grub2-efi-ia32-2.02-0.86.el7_7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'grub2-efi-ia32-cdboot-2.02-0.86.el7_7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'grub2-efi-ia32-modules-2.02-0.86.el7_7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'grub2-efi-x64-2.02-0.86.el7_7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'grub2-efi-x64-cdboot-2.02-0.86.el7_7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'grub2-efi-x64-modules-2.02-0.86.el7_7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'grub2-pc-2.02-0.86.el7_7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'grub2-pc-modules-2.02-0.86.el7_7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'grub2-ppc-modules-2.02-0.86.el7_7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'grub2-ppc64-modules-2.02-0.86.el7_7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'grub2-ppc64le-modules-2.02-0.86.el7_7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'grub2-tools-2.02-0.86.el7_7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'grub2-tools-extra-2.02-0.86.el7_7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'grub2-tools-minimal-2.02-0.86.el7_7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'mokutil-15-8.el7_7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'shim-ia32-15-8.el7_7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'shim-unsigned-ia32-15-8.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'shim-unsigned-x64-15-8.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']},\n {'reference':'shim-x64-15-8.el7_7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_7_server', 'rhel_e4s_7_6_server', 'rhel_e4s_7_7_server', 'rhel_eus_7_7_computenode', 'rhel_eus_7_7_server', 'rhel_extras_sap_e4s_7_7', 'rhel_extras_sap_eus_7_7', 'rhel_extras_sap_hana_e4s_7_7', 'rhel_extras_sap_hana_eus_7_7', 'rhel_tus_7_7_server']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support, Extended Update Support, Telco Extended Update Support or Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'fwupdate / fwupdate-devel / fwupdate-efi / fwupdate-libs / grub2 / etc');\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-31T16:35:36", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3227 advisory.\n\n - grub2: Crafted grub.cfg file can lead to arbitrary code execution during boot process (CVE-2020-10713)\n\n - grub2: grub_malloc does not validate allocation size allowing for arithmetic overflow and subsequent heap- based buffer overflow (CVE-2020-14308)\n\n - grub2: Integer overflow in grub_squash_read_symlink may lead to heap-based buffer overflow (CVE-2020-14309)\n\n - grub2: Integer overflow read_section_as_string may lead to heap-based buffer overflow (CVE-2020-14310)\n\n - grub2: Integer overflow in grub_ext2_read_link leads to heap-based buffer overflow (CVE-2020-14311)\n\n - grub2: Fail kernel validation without shim protocol (CVE-2020-15705)\n\n - grub2: Use-after-free redefining a function whilst the same function is already executing (CVE-2020-15706)\n\n - grub2: Integer overflow in initrd size handling (CVE-2020-15707)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.2, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}, "published": "2020-07-30T00:00:00", "type": "nessus", "title": "RHEL 8 : grub2 (RHSA-2020:3227)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10713", "CVE-2020-14308", "CVE-2020-14309", "CVE-2020-14310", "CVE-2020-14311", "CVE-2020-15705", "CVE-2020-15706", "CVE-2020-15707"], "modified": "2022-05-12T00:00:00", "cpe": ["cpe:/o:redhat:rhel_e4s:8.0", "p-cpe:/a:redhat:enterprise_linux:fwupd", "p-cpe:/a:redhat:enterprise_linux:grub2-common", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-aa64-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32-cdboot", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64-cdboot", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-pc", "p-cpe:/a:redhat:enterprise_linux:grub2-pc-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-ppc64le", "p-cpe:/a:redhat:enterprise_linux:grub2-ppc64le-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-tools", "p-cpe:/a:redhat:enterprise_linux:grub2-tools-efi", "p-cpe:/a:redhat:enterprise_linux:grub2-tools-extra", "p-cpe:/a:redhat:enterprise_linux:grub2-tools-minimal", "p-cpe:/a:redhat:enterprise_linux:shim-ia32", "p-cpe:/a:redhat:enterprise_linux:shim-x64"], "id": "REDHAT-RHSA-2020-3227.NASL", "href": "https://www.tenable.com/plugins/nessus/139192", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:3227. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(139192);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\n \"CVE-2020-10713\",\n \"CVE-2020-14308\",\n \"CVE-2020-14309\",\n \"CVE-2020-14310\",\n \"CVE-2020-14311\",\n \"CVE-2020-15705\",\n \"CVE-2020-15706\",\n \"CVE-2020-15707\"\n );\n script_xref(name:\"RHSA\", value:\"2020:3227\");\n script_xref(name:\"IAVA\", value:\"2020-A-0349\");\n\n script_name(english:\"RHEL 8 : grub2 (RHSA-2020:3227)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:3227 advisory.\n\n - grub2: Crafted grub.cfg file can lead to arbitrary code execution during boot process (CVE-2020-10713)\n\n - grub2: grub_malloc does not validate allocation size allowing for arithmetic overflow and subsequent heap-\n based buffer overflow (CVE-2020-14308)\n\n - grub2: Integer overflow in grub_squash_read_symlink may lead to heap-based buffer overflow\n (CVE-2020-14309)\n\n - grub2: Integer overflow read_section_as_string may lead to heap-based buffer overflow (CVE-2020-14310)\n\n - grub2: Integer overflow in grub_ext2_read_link leads to heap-based buffer overflow (CVE-2020-14311)\n\n - grub2: Fail kernel validation without shim protocol (CVE-2020-15705)\n\n - grub2: Use-after-free redefining a function whilst the same function is already executing (CVE-2020-15706)\n\n - grub2: Integer overflow in initrd size handling (CVE-2020-15707)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/78.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/122.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/190.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/416.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/440.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/787.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-10713\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-14308\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-14309\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-14310\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-14311\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-15705\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-15706\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-15707\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:3227\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1825243\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1852009\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1852014\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1852022\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1852030\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1860978\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1861118\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1861581\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14309\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-10713\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(78, 122, 190, 416, 440, 787);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:fwupd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-aa64-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32-cdboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64-cdboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-pc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-pc-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-ppc64le\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-ppc64le-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-tools-efi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-tools-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-tools-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:shim-ia32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:shim-x64\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'rhel_e4s_8_0_appstream': [\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms__8_DOT_0',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms__8_DOT_0',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms__8_DOT_0'\n ],\n 'rhel_e4s_8_0_baseos': [\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms__8_DOT_0',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms__8_DOT_0',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms__8_DOT_0'\n ],\n 'rhel_e4s_8_0_highavailability': [\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms__8_DOT_0',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms__8_DOT_0',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms__8_DOT_0'\n ],\n 'rhel_e4s_8_0_sap': [\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms__8_DOT_0',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms__8_DOT_0',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms__8_DOT_0'\n ],\n 'rhel_e4s_8_0_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms__8_DOT_0',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms__8_DOT_0'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'fwupd-1.1.4-2.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_0_appstream', 'rhel_e4s_8_0_baseos', 'rhel_e4s_8_0_highavailability', 'rhel_e4s_8_0_sap', 'rhel_e4s_8_0_sap_hana']},\n {'reference':'grub2-common-2.02-87.el8_0', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_0_appstream', 'rhel_e4s_8_0_baseos', 'rhel_e4s_8_0_highavailability', 'rhel_e4s_8_0_sap', 'rhel_e4s_8_0_sap_hana']},\n {'reference':'grub2-efi-aa64-modules-2.02-87.el8_0', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_0_appstream', 'rhel_e4s_8_0_baseos', 'rhel_e4s_8_0_highavailability', 'rhel_e4s_8_0_sap', 'rhel_e4s_8_0_sap_hana']},\n {'reference':'grub2-efi-ia32-2.02-87.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_0_appstream', 'rhel_e4s_8_0_baseos', 'rhel_e4s_8_0_highavailability', 'rhel_e4s_8_0_sap', 'rhel_e4s_8_0_sap_hana']},\n {'reference':'grub2-efi-ia32-cdboot-2.02-87.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_0_appstream', 'rhel_e4s_8_0_baseos', 'rhel_e4s_8_0_highavailability', 'rhel_e4s_8_0_sap', 'rhel_e4s_8_0_sap_hana']},\n {'reference':'grub2-efi-ia32-modules-2.02-87.el8_0', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_0_appstream', 'rhel_e4s_8_0_baseos', 'rhel_e4s_8_0_highavailability', 'rhel_e4s_8_0_sap', 'rhel_e4s_8_0_sap_hana']},\n {'reference':'grub2-efi-x64-2.02-87.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_0_appstream', 'rhel_e4s_8_0_baseos', 'rhel_e4s_8_0_highavailability', 'rhel_e4s_8_0_sap', 'rhel_e4s_8_0_sap_hana']},\n {'reference':'grub2-efi-x64-cdboot-2.02-87.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_0_appstream', 'rhel_e4s_8_0_baseos', 'rhel_e4s_8_0_highavailability', 'rhel_e4s_8_0_sap', 'rhel_e4s_8_0_sap_hana']},\n {'reference':'grub2-efi-x64-modules-2.02-87.el8_0', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_0_appstream', 'rhel_e4s_8_0_baseos', 'rhel_e4s_8_0_highavailability', 'rhel_e4s_8_0_sap', 'rhel_e4s_8_0_sap_hana']},\n {'reference':'grub2-pc-2.02-87.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_0_appstream', 'rhel_e4s_8_0_baseos', 'rhel_e4s_8_0_highavailability', 'rhel_e4s_8_0_sap', 'rhel_e4s_8_0_sap_hana']},\n {'reference':'grub2-pc-modules-2.02-87.el8_0', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_0_appstream', 'rhel_e4s_8_0_baseos', 'rhel_e4s_8_0_highavailability', 'rhel_e4s_8_0_sap', 'rhel_e4s_8_0_sap_hana']},\n {'reference':'grub2-ppc64le-modules-2.02-87.el8_0', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_0_appstream', 'rhel_e4s_8_0_baseos', 'rhel_e4s_8_0_highavailability', 'rhel_e4s_8_0_sap', 'rhel_e4s_8_0_sap_hana']},\n {'reference':'grub2-tools-2.02-87.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_0_appstream', 'rhel_e4s_8_0_baseos', 'rhel_e4s_8_0_highavailability', 'rhel_e4s_8_0_sap', 'rhel_e4s_8_0_sap_hana']},\n {'reference':'grub2-tools-efi-2.02-87.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_0_appstream', 'rhel_e4s_8_0_baseos', 'rhel_e4s_8_0_highavailability', 'rhel_e4s_8_0_sap', 'rhel_e4s_8_0_sap_hana']},\n {'reference':'grub2-tools-extra-2.02-87.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_0_appstream', 'rhel_e4s_8_0_baseos', 'rhel_e4s_8_0_highavailability', 'rhel_e4s_8_0_sap', 'rhel_e4s_8_0_sap_hana']},\n {'reference':'grub2-tools-minimal-2.02-87.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_0_appstream', 'rhel_e4s_8_0_baseos', 'rhel_e4s_8_0_highavailability', 'rhel_e4s_8_0_sap', 'rhel_e4s_8_0_sap_hana']},\n {'reference':'shim-ia32-15-14.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_0_appstream', 'rhel_e4s_8_0_baseos', 'rhel_e4s_8_0_highavailability', 'rhel_e4s_8_0_sap', 'rhel_e4s_8_0_sap_hana']},\n {'reference':'shim-x64-15-14.el8_0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_0_appstream', 'rhel_e4s_8_0_baseos', 'rhel_e4s_8_0_highavailability', 'rhel_e4s_8_0_sap', 'rhel_e4s_8_0_sap_hana']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Update Services for SAP Solutions repository.\\n' +\n 'Access to this repository requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'fwupd / grub2-common / grub2-efi-aa64-modules / grub2-efi-ia32 / etc');\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-31T16:34:52", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3216 advisory.\n\n - grub2: Crafted grub.cfg file can lead to arbitrary code execution during boot process (CVE-2020-10713)\n\n - grub2: grub_malloc does not validate allocation size allowing for arithmetic overflow and subsequent heap- based buffer overflow (CVE-2020-14308)\n\n - grub2: Integer overflow in grub_squash_read_symlink may lead to heap-based buffer overflow (CVE-2020-14309)\n\n - grub2: Integer overflow read_section_as_string may lead to heap-based buffer overflow (CVE-2020-14310)\n\n - grub2: Integer overflow in grub_ext2_read_link leads to heap-based buffer overflow (CVE-2020-14311)\n\n - grub2: Fail kernel validation without shim protocol (CVE-2020-15705)\n\n - grub2: Use-after-free redefining a function whilst the same function is already executing (CVE-2020-15706)\n\n - grub2: Integer overflow in initrd size handling (CVE-2020-15707)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.2, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}, "published": "2020-07-30T00:00:00", "type": "nessus", "title": "RHEL 8 : grub2 (RHSA-2020:3216)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10713", "CVE-2020-14308", "CVE-2020-14309", "CVE-2020-14310", "CVE-2020-14311", "CVE-2020-15705", "CVE-2020-15706", "CVE-2020-15707"], "modified": "2022-05-12T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.2", "cpe:/o:redhat:rhel_aus:8.4", "cpe:/o:redhat:rhel_e4s:8.2", "cpe:/o:redhat:rhel_e4s:8.4", "cpe:/o:redhat:rhel_eus:8.2", "cpe:/o:redhat:rhel_eus:8.4", "cpe:/o:redhat:rhel_tus:8.2", "cpe:/o:redhat:rhel_tus:8.4", "p-cpe:/a:redhat:enterprise_linux:fwupd", "p-cpe:/a:redhat:enterprise_linux:grub2-common", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-aa64", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-aa64-cdboot", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-aa64-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32-cdboot", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64-cdboot", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-pc", "p-cpe:/a:redhat:enterprise_linux:grub2-pc-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-ppc64le", "p-cpe:/a:redhat:enterprise_linux:grub2-ppc64le-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-tools", "p-cpe:/a:redhat:enterprise_linux:grub2-tools-efi", "p-cpe:/a:redhat:enterprise_linux:grub2-tools-extra", "p-cpe:/a:redhat:enterprise_linux:grub2-tools-minimal", "p-cpe:/a:redhat:enterprise_linux:shim-aa64", "p-cpe:/a:redhat:enterprise_linux:shim-ia32", "p-cpe:/a:redhat:enterprise_linux:shim-unsigned-x64", "p-cpe:/a:redhat:enterprise_linux:shim-x64"], "id": "REDHAT-RHSA-2020-3216.NASL", "href": "https://www.tenable.com/plugins/nessus/139194", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:3216. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(139194);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\n \"CVE-2020-10713\",\n \"CVE-2020-14308\",\n \"CVE-2020-14309\",\n \"CVE-2020-14310\",\n \"CVE-2020-14311\",\n \"CVE-2020-15705\",\n \"CVE-2020-15706\",\n \"CVE-2020-15707\"\n );\n script_xref(name:\"RHSA\", value:\"2020:3216\");\n script_xref(name:\"IAVA\", value:\"2020-A-0349\");\n\n script_name(english:\"RHEL 8 : grub2 (RHSA-2020:3216)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:3216 advisory.\n\n - grub2: Crafted grub.cfg file can lead to arbitrary code execution during boot process (CVE-2020-10713)\n\n - grub2: grub_malloc does not validate allocation size allowing for arithmetic overflow and subsequent heap-\n based buffer overflow (CVE-2020-14308)\n\n - grub2: Integer overflow in grub_squash_read_symlink may lead to heap-based buffer overflow\n (CVE-2020-14309)\n\n - grub2: Integer overflow read_section_as_string may lead to heap-based buffer overflow (CVE-2020-14310)\n\n - grub2: Integer overflow in grub_ext2_read_link leads to heap-based buffer overflow (CVE-2020-14311)\n\n - grub2: Fail kernel validation without shim protocol (CVE-2020-15705)\n\n - grub2: Use-after-free redefining a function whilst the same function is already executing (CVE-2020-15706)\n\n - grub2: Integer overflow in initrd size handling (CVE-2020-15707)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/78.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/122.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/190.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/416.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/440.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/787.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-10713\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-14308\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-14309\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-14310\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-14311\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-15705\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-15706\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-15707\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:3216\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1825243\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1852009\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1852014\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1852022\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1852030\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1860978\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1861118\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1861581\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14309\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-10713\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(78, 122, 190, 416, 440, 787);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:fwupd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-aa64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-aa64-cdboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-aa64-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32-cdboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64-cdboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-pc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-pc-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-ppc64le\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-ppc64le-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-tools-efi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-tools-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-tools-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:shim-aa64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:shim-ia32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:shim-unsigned-x64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:shim-x64\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'enterprise_linux_8_appstream': [\n 'rhel-8-for-aarch64-appstream-debug-rpms',\n 'rhel-8-for-aarch64-appstream-rpms',\n 'rhel-8-for-aarch64-appstream-source-rpms',\n 'rhel-8-for-s390x-appstream-debug-rpms',\n 'rhel-8-for-s390x-appstream-rpms',\n 'rhel-8-for-s390x-appstream-source-rpms',\n 'rhel-8-for-x86_64-appstream-debug-rpms',\n 'rhel-8-for-x86_64-appstream-rpms',\n 'rhel-8-for-x86_64-appstream-source-rpms'\n ],\n 'enterprise_linux_8_baseos': [\n 'rhel-8-for-aarch64-baseos-debug-rpms',\n 'rhel-8-for-aarch64-baseos-rpms',\n 'rhel-8-for-aarch64-baseos-source-rpms',\n 'rhel-8-for-s390x-baseos-debug-rpms',\n 'rhel-8-for-s390x-baseos-rpms',\n 'rhel-8-for-s390x-baseos-source-rpms',\n 'rhel-8-for-x86_64-baseos-debug-rpms',\n 'rhel-8-for-x86_64-baseos-rpms',\n 'rhel-8-for-x86_64-baseos-source-rpms'\n ],\n 'enterprise_linux_8_crb': [\n 'codeready-builder-for-rhel-8-aarch64-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-aarch64-rpms',\n 'codeready-builder-for-rhel-8-aarch64-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-rpms',\n 'codeready-builder-for-rhel-8-s390x-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-rpms',\n 'codeready-builder-for-rhel-8-x86_64-source-rpms'\n ],\n 'enterprise_linux_8_highavailability': [\n 'rhel-8-for-aarch64-highavailability-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms',\n 'rhel-8-for-aarch64-highavailability-rpms',\n 'rhel-8-for-aarch64-highavailability-source-rpms',\n 'rhel-8-for-s390x-highavailability-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-rpms',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms',\n 'rhel-8-for-s390x-highavailability-rpms',\n 'rhel-8-for-s390x-highavailability-source-rpms',\n 'rhel-8-for-x86_64-highavailability-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-rpms',\n 'rhel-8-for-x86_64-highavailability-source-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms'\n ],\n 'enterprise_linux_8_nfv': [\n 'rhel-8-for-x86_64-nfv-debug-rpms',\n 'rhel-8-for-x86_64-nfv-rpms',\n 'rhel-8-for-x86_64-nfv-source-rpms',\n 'rhel-8-for-x86_64-nfv-tus-debug-rpms',\n 'rhel-8-for-x86_64-nfv-tus-rpms',\n 'rhel-8-for-x86_64-nfv-tus-source-rpms'\n ],\n 'enterprise_linux_8_realtime': [\n 'rhel-8-for-x86_64-rt-debug-rpms',\n 'rhel-8-for-x86_64-rt-rpms',\n 'rhel-8-for-x86_64-rt-source-rpms',\n 'rhel-8-for-x86_64-rt-tus-debug-rpms',\n 'rhel-8-for-x86_64-rt-tus-rpms',\n 'rhel-8-for-x86_64-rt-tus-source-rpms'\n ],\n 'enterprise_linux_8_resilientstorage': [\n 'rhel-8-for-s390x-resilientstorage-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms',\n 'rhel-8-for-s390x-resilientstorage-rpms',\n 'rhel-8-for-s390x-resilientstorage-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-rpms',\n 'rhel-8-for-x86_64-resilientstorage-source-rpms'\n ],\n 'enterprise_linux_8_sap': [\n 'rhel-8-for-s390x-sap-netweaver-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-s390x-sap-netweaver-rpms',\n 'rhel-8-for-s390x-sap-netweaver-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-source-rpms'\n ],\n 'enterprise_linux_8_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-rpms',\n 'rhel-8-for-x86_64-sap-solutions-source-rpms'\n ],\n 'enterprise_linux_8_supplementary': [\n 'rhel-8-for-aarch64-supplementary-eus-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms',\n 'rhel-8-for-aarch64-supplementary-rpms',\n 'rhel-8-for-aarch64-supplementary-source-rpms',\n 'rhel-8-for-s390x-supplementary-eus-rpms',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms',\n 'rhel-8-for-s390x-supplementary-rpms',\n 'rhel-8-for-s390x-supplementary-source-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms',\n 'rhel-8-for-x86_64-supplementary-rpms',\n 'rhel-8-for-x86_64-supplementary-source-rpms'\n ],\n 'rhel_aus_8_2_appstream': [\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-aus-rpms',\n 'rhel-8-for-x86_64-appstream-aus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms__8_DOT_2'\n ],\n 'rhel_aus_8_2_baseos': [\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-aus-rpms',\n 'rhel-8-for-x86_64-baseos-aus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms__8_DOT_2'\n ],\n 'rhel_aus_8_4_appstream': [\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-aus-rpms',\n 'rhel-8-for-x86_64-appstream-aus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms__8_DOT_4'\n ],\n 'rhel_aus_8_4_baseos': [\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-aus-rpms',\n 'rhel-8-for-x86_64-baseos-aus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_2_appstream': [\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms__8_DOT_2'\n ],\n 'rhel_e4s_8_2_baseos': [\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms__8_DOT_2'\n ],\n 'rhel_e4s_8_2_highavailability': [\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms__8_DOT_2'\n ],\n 'rhel_e4s_8_2_sap': [\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms__8_DOT_2'\n ],\n 'rhel_e4s_8_2_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms__8_DOT_2'\n ],\n 'rhel_e4s_8_4_appstream': [\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_baseos': [\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_highavailability': [\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_sap': [\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_eus_8_2_appstream': [\n 'rhel-8-for-aarch64-appstream-eus-debug-rpms',\n 'rhel-8-for-aarch64-appstream-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-appstream-eus-rpms',\n 'rhel-8-for-aarch64-appstream-eus-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-appstream-eus-source-rpms',\n 'rhel-8-for-aarch64-appstream-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-s390x-appstream-eus-debug-rpms',\n 'rhel-8-for-s390x-appstream-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-s390x-appstream-eus-rpms',\n 'rhel-8-for-s390x-appstream-eus-rpms__8_DOT_2',\n 'rhel-8-for-s390x-appstream-eus-source-rpms',\n 'rhel-8-for-s390x-appstream-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-aus-rpms',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-eus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-eus-rpms',\n 'rhel-8-for-x86_64-appstream-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-eus-source-rpms',\n 'rhel-8-for-x86_64-appstream-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-tus-rpms',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms'\n ],\n 'rhel_eus_8_2_baseos': [\n 'rhel-8-for-aarch64-baseos-eus-debug-rpms',\n 'rhel-8-for-aarch64-baseos-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-baseos-eus-rpms',\n 'rhel-8-for-aarch64-baseos-eus-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-baseos-eus-source-rpms',\n 'rhel-8-for-aarch64-baseos-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-s390x-baseos-eus-debug-rpms',\n 'rhel-8-for-s390x-baseos-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-s390x-baseos-eus-rpms',\n 'rhel-8-for-s390x-baseos-eus-rpms__8_DOT_2',\n 'rhel-8-for-s390x-baseos-eus-source-rpms',\n 'rhel-8-for-s390x-baseos-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-aus-rpms',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-eus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-eus-rpms',\n 'rhel-8-for-x86_64-baseos-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-eus-source-rpms',\n 'rhel-8-for-x86_64-baseos-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-tus-rpms',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms'\n ],\n 'rhel_eus_8_2_crb': [\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms__8_DOT_2'\n ],\n 'rhel_eus_8_2_highavailability': [\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-highavailability-eus-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-s390x-highavailability-eus-rpms',\n 'rhel-8-for-s390x-highavailability-eus-rpms__8_DOT_2',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-eus-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms'\n ],\n 'rhel_eus_8_2_resilientstorage': [\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms__8_DOT_2',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms__8_DOT_2'\n ],\n 'rhel_eus_8_2_sap': [\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms__8_DOT_2',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms__8_DOT_2'\n ],\n 'rhel_eus_8_2_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms__8_DOT_2'\n ],\n 'rhel_eus_8_2_supplementary': [\n 'rhel-8-for-aarch64-supplementary-eus-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-s390x-supplementary-eus-rpms',\n 'rhel-8-for-s390x-supplementary-eus-rpms__8_DOT_2',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-supplementary-eus-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms__8_DOT_2'\n ],\n 'rhel_eus_8_4_appstream': [\n 'rhel-8-for-aarch64-appstream-eus-debug-rpms',\n 'rhel-8-for-aarch64-appstream-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-appstream-eus-rpms',\n 'rhel-8-for-aarch64-appstream-eus-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-appstream-eus-source-rpms',\n 'rhel-8-for-aarch64-appstream-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-s390x-appstream-eus-debug-rpms',\n 'rhel-8-for-s390x-appstream-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-s390x-appstream-eus-rpms',\n 'rhel-8-for-s390x-appstream-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-appstream-eus-source-rpms',\n 'rhel-8-for-s390x-appstream-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-aus-rpms',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-eus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-eus-rpms',\n 'rhel-8-for-x86_64-appstream-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-eus-source-rpms',\n 'rhel-8-for-x86_64-appstream-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-tus-rpms',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms'\n ],\n 'rhel_eus_8_4_baseos': [\n 'rhel-8-for-aarch64-baseos-eus-debug-rpms',\n 'rhel-8-for-aarch64-baseos-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-baseos-eus-rpms',\n 'rhel-8-for-aarch64-baseos-eus-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-baseos-eus-source-rpms',\n 'rhel-8-for-aarch64-baseos-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-s390x-baseos-eus-debug-rpms',\n 'rhel-8-for-s390x-baseos-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-s390x-baseos-eus-rpms',\n 'rhel-8-for-s390x-baseos-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-baseos-eus-source-rpms',\n 'rhel-8-for-s390x-baseos-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-aus-rpms',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-eus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-eus-rpms',\n 'rhel-8-for-x86_64-baseos-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-eus-source-rpms',\n 'rhel-8-for-x86_64-baseos-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-tus-rpms',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms'\n ],\n 'rhel_eus_8_4_crb': [\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms__8_DOT_4'\n ],\n 'rhel_eus_8_4_highavailability': [\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-highavailability-eus-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-s390x-highavailability-eus-rpms',\n 'rhel-8-for-s390x-highavailability-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-eus-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms'\n ],\n 'rhel_eus_8_4_resilientstorage': [\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms__8_DOT_4'\n ],\n 'rhel_eus_8_4_sap': [\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms__8_DOT_4'\n ],\n 'rhel_eus_8_4_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms__8_DOT_4'\n ],\n 'rhel_eus_8_4_supplementary': [\n 'rhel-8-for-aarch64-supplementary-eus-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-s390x-supplementary-eus-rpms',\n 'rhel-8-for-s390x-supplementary-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-supplementary-eus-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms__8_DOT_4'\n ],\n 'rhel_extras_nfv_8': [\n 'rhel-8-for-x86_64-nfv-debug-rpms',\n 'rhel-8-for-x86_64-nfv-rpms',\n 'rhel-8-for-x86_64-nfv-source-rpms',\n 'rhel-8-for-x86_64-nfv-tus-debug-rpms',\n 'rhel-8-for-x86_64-nfv-tus-rpms',\n 'rhel-8-for-x86_64-nfv-tus-source-rpms'\n ],\n 'rhel_extras_rt_8': [\n 'rhel-8-for-x86_64-nfv-debug-rpms',\n 'rhel-8-for-x86_64-nfv-rpms',\n 'rhel-8-for-x86_64-nfv-source-rpms',\n 'rhel-8-for-x86_64-rt-debug-rpms',\n 'rhel-8-for-x86_64-rt-rpms',\n 'rhel-8-for-x86_64-rt-source-rpms',\n 'rhel-8-for-x86_64-rt-tus-debug-rpms',\n 'rhel-8-for-x86_64-rt-tus-rpms',\n 'rhel-8-for-x86_64-rt-tus-source-rpms'\n ],\n 'rhel_tus_8_2_appstream': [\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-tus-rpms',\n 'rhel-8-for-x86_64-appstream-tus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms__8_DOT_2'\n ],\n 'rhel_tus_8_2_baseos': [\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-tus-rpms',\n 'rhel-8-for-x86_64-baseos-tus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms__8_DOT_2'\n ],\n 'rhel_tus_8_2_highavailability': [\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms__8_DOT_2'\n ],\n 'rhel_tus_8_4_appstream': [\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-tus-rpms',\n 'rhel-8-for-x86_64-appstream-tus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms__8_DOT_4'\n ],\n 'rhel_tus_8_4_baseos': [\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-tus-rpms',\n 'rhel-8-for-x86_64-baseos-tus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms__8_DOT_4'\n ],\n 'rhel_tus_8_4_highavailability': [\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms__8_DOT_4'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nvar enterprise_linux_flag = rhel_repo_sets_has_enterprise_linux(repo_sets:repo_sets);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'fwupd-1.1.4-7.el8_2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'fwupd-1.1.4-7.el8_2', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'fwupd-1.1.4-7.el8_2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'grub2-common-2.02-87.el8_2', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'grub2-efi-aa64-2.02-87.el8_2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'grub2-efi-aa64-cdboot-2.02-87.el8_2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'grub2-efi-aa64-modules-2.02-87.el8_2', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'grub2-efi-ia32-2.02-87.el8_2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'grub2-efi-ia32-cdboot-2.02-87.el8_2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'grub2-efi-ia32-modules-2.02-87.el8_2', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'grub2-efi-x64-2.02-87.el8_2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'grub2-efi-x64-cdboot-2.02-87.el8_2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'grub2-efi-x64-modules-2.02-87.el8_2', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'grub2-pc-2.02-87.el8_2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'grub2-pc-modules-2.02-87.el8_2', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'grub2-ppc64le-modules-2.02-87.el8_2', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'grub2-tools-2.02-87.el8_2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'grub2-tools-2.02-87.el8_2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'grub2-tools-efi-2.02-87.el8_2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'grub2-tools-extra-2.02-87.el8_2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'grub2-tools-extra-2.02-87.el8_2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'grub2-tools-minimal-2.02-87.el8_2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'grub2-tools-minimal-2.02-87.el8_2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'shim-aa64-15-14.el8_2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'shim-ia32-15-14.el8_2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'shim-unsigned-x64-15-7.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'shim-x64-15-14.el8_2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp']) && !enterprise_linux_flag) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'fwupd / grub2-common / grub2-efi-aa64 / grub2-efi-aa64-cdboot / etc');\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-31T15:32:05", "description": "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has grub2 packages installed that are affected by multiple vulnerabilities:\n\n - A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper the GRUB verification process. This flaw also allows the bypass of Secure Boot protections. In order to load an untrusted or modified kernel, an attacker would first need to establish access to the system such as gaining physical access, obtain the ability to alter a pxe-boot network, or have remote access to a networked system with root access. With this access, an attacker could then craft a string to cause a buffer overflow by injecting a malicious payload that leads to arbitrary code execution within GRUB. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2020-10713)\n\n - In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This leads the function to return invalid memory allocations which can be further used to cause possible integrity, confidentiality and availability impacts during the boot process. (CVE-2020-14308)\n\n - There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. A filesystem containing a symbolic link with an inode size of UINT32_MAX causes an arithmetic overflow leading to a zero-sized memory allocation with subsequent heap-based buffer overflow. (CVE-2020-14311)\n\n - There's an issue with grub2 in all versions before 2.06 when handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size. The name size leads to an arithmetic overflow leading to a zero-size allocation further causing a heap-based buffer overflow with attacker controlled data. (CVE-2020-14309)\n\n - There is an issue on grub2 before version 2.06 at function read_section_as_string(). It expects a font name to be at max UINT32_MAX - 1 length in bytes but it doesn't verify it before proceed with buffer allocation to read the value from the font value. An attacker may leverage that by crafting a malicious font file which has a name with UINT32_MAX, leading to read_section_as_string() to an arithmetic overflow, zero-sized allocation and further heap-based buffer overflow. (CVE-2020-14310)\n\n - GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim. This issue affects GRUB2 version 2.04 and prior versions. (CVE-2020-15705)\n\n - GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2 version 2.04 and prior versions. (CVE-2020-15706)\n\n - Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow. These could be triggered by an extremely large number of arguments to the initrd command on 32-bit architectures, or a crafted filesystem with very large files on any architecture. An attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. This issue affects GRUB2 version 2.04 and prior versions. (CVE-2020-15707)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.2, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}, "published": "2021-03-10T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.04 / MAIN 5.04 : grub2 Multiple Vulnerabilities (NS-SA-2021-0008)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10713", "CVE-2020-14308", "CVE-2020-14309", "CVE-2020-14310", "CVE-2020-14311", "CVE-2020-15705", "CVE-2020-15706", "CVE-2020-15707"], "modified": "2022-05-10T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2021-0008_GRUB2.NASL", "href": "https://www.tenable.com/plugins/nessus/147274", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2021-0008. The text\n# itself is copyright (C) ZTE, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(147274);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/10\");\n\n script_cve_id(\n \"CVE-2020-10713\",\n \"CVE-2020-14308\",\n \"CVE-2020-14309\",\n \"CVE-2020-14310\",\n \"CVE-2020-14311\",\n \"CVE-2020-15705\",\n \"CVE-2020-15706\",\n \"CVE-2020-15707\"\n );\n\n script_name(english:\"NewStart CGSL CORE 5.04 / MAIN 5.04 : grub2 Multiple Vulnerabilities (NS-SA-2021-0008)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has grub2 packages installed that are affected by\nmultiple vulnerabilities:\n\n - A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper\n the GRUB verification process. This flaw also allows the bypass of Secure Boot protections. In order to\n load an untrusted or modified kernel, an attacker would first need to establish access to the system such\n as gaining physical access, obtain the ability to alter a pxe-boot network, or have remote access to a\n networked system with root access. With this access, an attacker could then craft a string to cause a\n buffer overflow by injecting a malicious payload that leads to arbitrary code execution within GRUB. The\n highest threat from this vulnerability is to data confidentiality and integrity as well as system\n availability. (CVE-2020-10713)\n\n - In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on\n the requested allocation size. This leads the function to return invalid memory allocations which can be\n further used to cause possible integrity, confidentiality and availability impacts during the boot\n process. (CVE-2020-14308)\n\n - There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. A filesystem\n containing a symbolic link with an inode size of UINT32_MAX causes an arithmetic overflow leading to a\n zero-sized memory allocation with subsequent heap-based buffer overflow. (CVE-2020-14311)\n\n - There's an issue with grub2 in all versions before 2.06 when handling squashfs filesystems containing a\n symbolic link with name length of UINT32 bytes in size. The name size leads to an arithmetic overflow\n leading to a zero-size allocation further causing a heap-based buffer overflow with attacker controlled\n data. (CVE-2020-14309)\n\n - There is an issue on grub2 before version 2.06 at function read_section_as_string(). It expects a font\n name to be at max UINT32_MAX - 1 length in bytes but it doesn't verify it before proceed with buffer\n allocation to read the value from the font value. An attacker may leverage that by crafting a malicious\n font file which has a name with UINT32_MAX, leading to read_section_as_string() to an arithmetic overflow,\n zero-sized allocation and further heap-based buffer overflow. (CVE-2020-14310)\n\n - GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be\n bypassed. This only affects systems where the kernel signing certificate has been imported directly into\n the secure boot database and the GRUB image is booted directly without the use of shim. This issue affects\n GRUB2 version 2.04 and prior versions. (CVE-2020-15705)\n\n - GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability\n which can be triggered by redefining a function whilst the same function is already executing, leading to\n arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2 version 2.04 and\n prior versions. (CVE-2020-15706)\n\n - Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux\n component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2\n upstream), leading to a heap-based buffer overflow. These could be triggered by an extremely large number\n of arguments to the initrd command on 32-bit architectures, or a crafted filesystem with very large files\n on any architecture. An attacker could use this to execute arbitrary code and bypass UEFI Secure Boot\n restrictions. This issue affects GRUB2 version 2.04 and prior versions. (CVE-2020-15707)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2021-0008\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL grub2 packages. Note that updated packages may not be available yet. Please contact ZTE for\nmore information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14309\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-10713\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item('Host/ZTE-CGSL/release');\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');\n\nif (release !~ \"CGSL CORE 5.04\" &&\n release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);\n\nflag = 0;\n\npkgs = {\n 'CGSL CORE 5.04': [\n 'grub2-2.02-0.86.el7.centos.cgslv5.0.6.gd5cefb9.lite',\n 'grub2-common-2.02-0.86.el7.centos.cgslv5.0.6.gd5cefb9.lite',\n 'grub2-debuginfo-2.02-0.86.el7.centos.cgslv5.0.6.gd5cefb9.lite',\n 'grub2-efi-ia32-2.02-0.86.el7.centos.cgslv5.0.6.gd5cefb9.lite',\n 'grub2-efi-ia32-cdboot-2.02-0.86.el7.centos.cgslv5.0.6.gd5cefb9.lite',\n 'grub2-efi-ia32-modules-2.02-0.86.el7.centos.cgslv5.0.6.gd5cefb9.lite',\n 'grub2-efi-x64-2.02-0.86.el7.centos.cgslv5.0.6.gd5cefb9.lite',\n 'grub2-efi-x64-cdboot-2.02-0.86.el7.centos.cgslv5.0.6.gd5cefb9.lite',\n 'grub2-efi-x64-modules-2.02-0.86.el7.centos.cgslv5.0.6.gd5cefb9.lite',\n 'grub2-i386-modules-2.02-0.86.el7.centos.cgslv5.0.6.gd5cefb9.lite',\n 'grub2-lang-2.02-0.86.el7.centos.cgslv5.0.6.gd5cefb9.lite',\n 'grub2-pc-2.02-0.86.el7.centos.cgslv5.0.6.gd5cefb9.lite',\n 'grub2-pc-modules-2.02-0.86.el7.centos.cgslv5.0.6.gd5cefb9.lite',\n 'grub2-tools-2.02-0.86.el7.centos.cgslv5.0.6.gd5cefb9.lite',\n 'grub2-tools-extra-2.02-0.86.el7.centos.cgslv5.0.6.gd5cefb9.lite',\n 'grub2-tools-minimal-2.02-0.86.el7.centos.cgslv5.0.6.gd5cefb9.lite'\n ],\n 'CGSL MAIN 5.04': [\n 'grub2-2.02-0.86.el7.centos.cgslv5.0.4.g2c2efca',\n 'grub2-common-2.02-0.86.el7.centos.cgslv5.0.4.g2c2efca',\n 'grub2-debuginfo-2.02-0.86.el7.centos.cgslv5.0.4.g2c2efca',\n 'grub2-efi-ia32-2.02-0.86.el7.centos.cgslv5.0.4.g2c2efca',\n 'grub2-efi-ia32-cdboot-2.02-0.86.el7.centos.cgslv5.0.4.g2c2efca',\n 'grub2-efi-ia32-modules-2.02-0.86.el7.centos.cgslv5.0.4.g2c2efca',\n 'grub2-efi-x64-2.02-0.86.el7.centos.cgslv5.0.4.g2c2efca',\n 'grub2-efi-x64-cdboot-2.02-0.86.el7.centos.cgslv5.0.4.g2c2efca',\n 'grub2-efi-x64-modules-2.02-0.86.el7.centos.cgslv5.0.4.g2c2efca',\n 'grub2-i386-modules-2.02-0.86.el7.centos.cgslv5.0.4.g2c2efca',\n 'grub2-pc-2.02-0.86.el7.centos.cgslv5.0.4.g2c2efca',\n 'grub2-pc-modules-2.02-0.86.el7.centos.cgslv5.0.4.g2c2efca',\n 'grub2-tools-2.02-0.86.el7.centos.cgslv5.0.4.g2c2efca',\n 'grub2-tools-extra-2.02-0.86.el7.centos.cgslv5.0.4.g2c2efca',\n 'grub2-tools-minimal-2.02-0.86.el7.centos.cgslv5.0.4.g2c2efca'\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:'ZTE ' + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'grub2');\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-31T16:35:58", "description": "The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:3217 advisory.\n\n - grub2: Crafted grub.cfg file can lead to arbitrary code execution during boot process (CVE-2020-10713)\n\n - grub2: grub_malloc does not validate allocation size allowing for arithmetic overflow and subsequent heap- based buffer overflow (CVE-2020-14308)\n\n - grub2: Integer overflow in grub_squash_read_symlink may lead to heap-based buffer overflow (CVE-2020-14309)\n\n - grub2: Integer overflow read_section_as_string may lead to heap-based buffer overflow (CVE-2020-14310)\n\n - grub2: Integer overflow in grub_ext2_read_link leads to heap-based buffer overflow (CVE-2020-14311)\n\n - grub2: Fail kernel validation without shim protocol (CVE-2020-15705)\n\n - grub2: Use-after-free redefining a function whilst the same function is already executing (CVE-2020-15706)\n\n - grub2: Integer overflow in initrd size handling (CVE-2020-15707)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.2, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}, "published": "2020-07-31T00:00:00", "type": "nessus", "title": "CentOS 7 : grub2 (CESA-2020:3217)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10713", "CVE-2020-14308", "CVE-2020-14309", "CVE-2020-14310", "CVE-2020-14311", "CVE-2020-15705", "CVE-2020-15706", "CVE-2020-15707"], "modified": "2022-05-12T00:00:00", "cpe": ["p-cpe:/a:centos:centos:grub2", "p-cpe:/a:centos:centos:grub2-common", "p-cpe:/a:centos:centos:grub2-efi-ia32", "p-cpe:/a:centos:centos:grub2-efi-ia32-cdboot", "p-cpe:/a:centos:centos:grub2-efi-ia32-modules", "p-cpe:/a:centos:centos:grub2-efi-x64", "p-cpe:/a:centos:centos:grub2-efi-x64-cdboot", "p-cpe:/a:centos:centos:grub2-efi-x64-modules", "p-cpe:/a:centos:centos:grub2-i386-modules", "p-cpe:/a:centos:centos:grub2-pc", "p-cpe:/a:centos:centos:grub2-pc-modules", "p-cpe:/a:centos:centos:grub2-tools", "p-cpe:/a:centos:centos:grub2-tools-extra", "p-cpe:/a:centos:centos:grub2-tools-minimal", "p-cpe:/a:centos:centos:mokutil", "p-cpe:/a:centos:centos:shim-ia32", "p-cpe:/a:centos:centos:shim-unsigned-ia32", "p-cpe:/a:centos:centos:shim-unsigned-x64", "p-cpe:/a:centos:centos:shim-x64", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2020-3217.NASL", "href": "https://www.tenable.com/plugins/nessus/139236", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:3217 and\n# CentOS Errata and Security Advisory 2020:3217 respectively.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(139236);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\n \"CVE-2020-10713\",\n \"CVE-2020-14308\",\n \"CVE-2020-14309\",\n \"CVE-2020-14310\",\n \"CVE-2020-14311\",\n \"CVE-2020-15705\",\n \"CVE-2020-15706\",\n \"CVE-2020-15707\"\n );\n script_xref(name:\"RHSA\", value:\"2020:3217\");\n script_xref(name:\"IAVA\", value:\"2020-A-0349\");\n\n script_name(english:\"CentOS 7 : grub2 (CESA-2020:3217)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nCESA-2020:3217 advisory.\n\n - grub2: Crafted grub.cfg file can lead to arbitrary code execution during boot process (CVE-2020-10713)\n\n - grub2: grub_malloc does not validate allocation size allowing for arithmetic overflow and subsequent heap-\n based buffer overflow (CVE-2020-14308)\n\n - grub2: Integer overflow in grub_squash_read_symlink may lead to heap-based buffer overflow\n (CVE-2020-14309)\n\n - grub2: Integer overflow read_section_as_string may lead to heap-based buffer overflow (CVE-2020-14310)\n\n - grub2: Integer overflow in grub_ext2_read_link leads to heap-based buffer overflow (CVE-2020-14311)\n\n - grub2: Fail kernel validation without shim protocol (CVE-2020-15705)\n\n - grub2: Use-after-free redefining a function whilst the same function is already executing (CVE-2020-15706)\n\n - grub2: Integer overflow in initrd size handling (CVE-2020-15707)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://lists.centos.org/pipermail/centos-announce/2020-July/035781.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c42bb45f\");\n # https://lists.centos.org/pipermail/centos-announce/2020-July/035783.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c580a639\");\n # https://lists.centos.org/pipermail/centos-announce/2020-July/035784.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7da4e0c5\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/78.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/122.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/190.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/416.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/440.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/787.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14309\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-10713\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_cwe_id(78, 122, 190, 416, 440, 787);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/31\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:grub2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:grub2-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:grub2-efi-ia32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:grub2-efi-ia32-cdboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:grub2-efi-ia32-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:grub2-efi-x64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:grub2-efi-x64-cdboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:grub2-efi-x64-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:grub2-i386-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:grub2-pc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:grub2-pc-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:grub2-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:grub2-tools-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:grub2-tools-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:mokutil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:shim-ia32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:shim-unsigned-ia32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:shim-unsigned-x64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:shim-x64\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'CentOS 7.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\npkgs = [\n {'reference':'grub2-2.02-0.86.el7.centos', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'grub2-common-2.02-0.86.el7.centos', 'release':'CentOS-7'},\n {'reference':'grub2-efi-ia32-2.02-0.86.el7.centos', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'grub2-efi-ia32-cdboot-2.02-0.86.el7.centos', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'grub2-efi-ia32-modules-2.02-0.86.el7.centos', 'release':'CentOS-7'},\n {'reference':'grub2-efi-x64-2.02-0.86.el7.centos', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'grub2-efi-x64-cdboot-2.02-0.86.el7.centos', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'grub2-efi-x64-modules-2.02-0.86.el7.centos', 'release':'CentOS-7'},\n {'reference':'grub2-i386-modules-2.02-0.86.el7.centos', 'release':'CentOS-7'},\n {'reference':'grub2-pc-2.02-0.86.el7.centos', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'grub2-pc-modules-2.02-0.86.el7.centos', 'release':'CentOS-7'},\n {'reference':'grub2-tools-2.02-0.86.el7.centos', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'grub2-tools-extra-2.02-0.86.el7.centos', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'grub2-tools-minimal-2.02-0.86.el7.centos', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'mokutil-15-7.el7_9', 'sp':'9', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'shim-ia32-15-7.el7_9', 'sp':'9', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'shim-unsigned-ia32-15-7.el7_9', 'sp':'9', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'shim-unsigned-x64-15-7.el7_9', 'sp':'9', 'cpu':'x86_64', 'release':'CentOS-7'},\n {'reference':'shim-x64-15-7.el7_9', 'sp':'9', 'cpu':'x86_64', 'release':'CentOS-7'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'grub2 / grub2-common / grub2-efi-ia32 / etc');\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-31T16:35:58", "description": "Description of changes:\n\n[2.02-81.0.3]\n- Fix CVE-2020-10713, CVE-2020-14308, CVE-2020-14309, CVE-2020-14310, CVE-2020-14311, CVE-2020-15705, CVE-2020-15706, CVE-2020-15707 [Orabug: 31225072]\n- Update signing certificate for efi binaries", "cvss3": {"score": 8.2, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}, "published": "2020-07-30T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : grub2 (ELSA-2020-5782)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10713", "CVE-2020-14308", "CVE-2020-14309", "CVE-2020-14310", "CVE-2020-14311", "CVE-2020-15705", "CVE-2020-15706", "CVE-2020-15707"], "modified": "2022-05-12T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:grub2", "p-cpe:/a:oracle:linux:grub2-common", "p-cpe:/a:oracle:linux:grub2-efi-ia32", "p-cpe:/a:oracle:linux:grub2-efi-ia32-cdboot", "p-cpe:/a:oracle:linux:grub2-efi-ia32-modules", "p-cpe:/a:oracle:linux:grub2-efi-x64", "p-cpe:/a:oracle:linux:grub2-efi-x64-cdboot", "p-cpe:/a:oracle:linux:grub2-efi-x64-modules", "p-cpe:/a:oracle:linux:grub2-pc", "p-cpe:/a:oracle:linux:grub2-pc-modules", "p-cpe:/a:oracle:linux:grub2-tools", "p-cpe:/a:oracle:linux:grub2-tools-extra", "p-cpe:/a:oracle:linux:grub2-tools-minimal", "cpe:/o:oracle:linux:7"], "id": "ORACLELINUX_ELSA-2020-5782.NASL", "href": "https://www.tenable.com/plugins/nessus/139164", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2020-5782.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(139164);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\n \"CVE-2020-10713\",\n \"CVE-2020-14308\",\n \"CVE-2020-14309\",\n \"CVE-2020-14310\",\n \"CVE-2020-14311\",\n \"CVE-2020-15705\",\n \"CVE-2020-15706\",\n \"CVE-2020-15707\"\n );\n script_xref(name:\"IAVA\", value:\"2020-A-0349\");\n\n script_name(english:\"Oracle Linux 7 : grub2 (ELSA-2020-5782)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"Description of changes:\n\n[2.02-81.0.3]\n- Fix CVE-2020-10713, CVE-2020-14308, CVE-2020-14309, CVE-2020-14310, \nCVE-2020-14311,\nCVE-2020-15705, CVE-2020-15706, CVE-2020-15707 [Orabug: 31225072]\n- Update signing certificate for efi binaries\");\n script_set_attribute(attribute:\"see_also\", value:\"https://oss.oracle.com/pipermail/el-errata/2020-July/010163.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected grub2 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14309\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-10713\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:grub2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:grub2-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:grub2-efi-ia32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:grub2-efi-ia32-cdboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:grub2-efi-ia32-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:grub2-efi-x64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:grub2-efi-x64-cdboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:grub2-efi-x64-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:grub2-pc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:grub2-pc-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:grub2-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:grub2-tools-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:grub2-tools-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"grub2-2.02-0.81.0.3.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"grub2-common-2.02-0.81.0.3.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"grub2-efi-ia32-2.02-0.81.0.3.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"grub2-efi-ia32-cdboot-2.02-0.81.0.3.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"grub2-efi-ia32-modules-2.02-0.81.0.3.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"grub2-efi-x64-2.02-0.81.0.3.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"grub2-efi-x64-cdboot-2.02-0.81.0.3.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"grub2-efi-x64-modules-2.02-0.81.0.3.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"grub2-pc-2.02-0.81.0.3.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"grub2-pc-modules-2.02-0.81.0.3.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"grub2-tools-2.02-0.81.0.3.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"grub2-tools-extra-2.02-0.81.0.3.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"grub2-tools-minimal-2.02-0.81.0.3.el7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"grub2 / grub2-common / grub2-efi-ia32 / grub2-efi-ia32-cdboot / etc\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-31T16:36:20", "description": "An update of the grub2 package has been released.", "cvss3": {"score": 8.2, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}, "published": "2020-08-01T00:00:00", "type": "nessus", "title": "Photon OS 1.0: Grub2 PHSA-2020-1.0-0311", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10713", "CVE-2020-14308", "CVE-2020-14309", "CVE-2020-14310", "CVE-2020-14311", "CVE-2020-15705", "CVE-2020-15706", "CVE-2020-15707"], "modified": "2022-05-12T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:grub2", "cpe:/o:vmware:photonos:1.0"], "id": "PHOTONOS_PHSA-2020-1_0-0311_GRUB2.NASL", "href": "https://www.tenable.com/plugins/nessus/139242", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2020-1.0-0311. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(139242);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\n \"CVE-2020-10713\",\n \"CVE-2020-14308\",\n \"CVE-2020-14309\",\n \"CVE-2020-14310\",\n \"CVE-2020-14311\",\n \"CVE-2020-15705\",\n \"CVE-2020-15706\",\n \"CVE-2020-15707\"\n );\n script_xref(name:\"IAVA\", value:\"2020-A-0349\");\n\n script_name(english:\"Photon OS 1.0: Grub2 PHSA-2020-1.0-0311\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the grub2 package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-1.0-311.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14309\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-10713\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:grub2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"grub2-2.04-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"grub2-efi-2.04-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"grub2-lang-2.04-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"grub2-pc-2.04-1.ph1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"grub2\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-31T15:40:33", "description": "The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has grub2 packages installed that are affected by multiple vulnerabilities:\n\n - A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper the GRUB verification process. This flaw also allows the bypass of Secure Boot protections. In order to load an untrusted or modified kernel, an attacker would first need to establish access to the system such as gaining physical access, obtain the ability to alter a pxe-boot network, or have remote access to a networked system with root access. With this access, an attacker could then craft a string to cause a buffer overflow by injecting a malicious payload that leads to arbitrary code execution within GRUB. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2020-10713)\n\n - In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This leads the function to return invalid memory allocations which can be further used to cause possible integrity, confidentiality and availability impacts during the boot process. (CVE-2020-14308)\n\n - There's an issue with grub2 in all versions before 2.06 when handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size. The name size leads to an arithmetic overflow leading to a zero-size allocation further causing a heap-based buffer overflow with attacker controlled data. (CVE-2020-14309)\n\n - There is an issue on grub2 before version 2.06 at function read_section_as_string(). It expects a font name to be at max UINT32_MAX - 1 length in bytes but it doesn't verify it before proceed with buffer allocation to read the value from the font value. An attacker may leverage that by crafting a malicious font file which has a name with UINT32_MAX, leading to read_section_as_string() to an arithmetic overflow, zero-sized allocation and further heap-based buffer overflow. (CVE-2020-14310)\n\n - There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. A filesystem containing a symbolic link with an inode size of UINT32_MAX causes an arithmetic overflow leading to a zero-sized memory allocation with subsequent heap-based buffer overflow. (CVE-2020-14311)\n\n - GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim. This issue affects GRUB2 version 2.04 and prior versions. (CVE-2020-15705)\n\n - GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2 version 2.04 and prior versions. (CVE-2020-15706)\n\n - Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow. These could be triggered by an extremely large number of arguments to the initrd command on 32-bit architectures, or a crafted filesystem with very large files on any architecture. An attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. This issue affects GRUB2 version 2.04 and prior versions. (CVE-2020-15707)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.2, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}, "published": "2021-10-27T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.05 / MAIN 5.05 : grub2 Multiple Vulnerabilities (NS-SA-2021-0139)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10713", "CVE-2020-14308", "CVE-2020-14309", "CVE-2020-14310", "CVE-2020-14311", "CVE-2020-15705", "CVE-2020-15706", "CVE-2020-15707"], "modified": "2022-05-09T00:00:00", "cpe": ["p-cpe:/a:zte:cgsl_core:grub2", "p-cpe:/a:zte:cgsl_core:grub2-common", "p-cpe:/a:zte:cgsl_core:grub2-debuginfo", "p-cpe:/a:zte:cgsl_core:grub2-efi-ia32", "p-cpe:/a:zte:cgsl_core:grub2-efi-ia32-cdboot", "p-cpe:/a:zte:cgsl_core:grub2-efi-ia32-modules", "p-cpe:/a:zte:cgsl_core:grub2-efi-x64", "p-cpe:/a:zte:cgsl_core:grub2-efi-x64-cdboot", "p-cpe:/a:zte:cgsl_core:grub2-efi-x64-modules", "p-cpe:/a:zte:cgsl_core:grub2-i386-modules", "p-cpe:/a:zte:cgsl_core:grub2-lang", "p-cpe:/a:zte:cgsl_core:grub2-pc", "p-cpe:/a:zte:cgsl_core:grub2-pc-modules", "p-cpe:/a:zte:cgsl_core:grub2-tools", "p-cpe:/a:zte:cgsl_core:grub2-tools-extra", "p-cpe:/a:zte:cgsl_core:grub2-tools-minimal", "p-cpe:/a:zte:cgsl_main:grub2", "p-cpe:/a:zte:cgsl_main:grub2-common", "p-cpe:/a:zte:cgsl_main:grub2-debuginfo", "p-cpe:/a:zte:cgsl_main:grub2-efi-ia32", "p-cpe:/a:zte:cgsl_main:grub2-efi-ia32-cdboot", "p-cpe:/a:zte:cgsl_main:grub2-efi-ia32-modules", "p-cpe:/a:zte:cgsl_main:grub2-efi-x64", "p-cpe:/a:zte:cgsl_main:grub2-efi-x64-cdboot", "p-cpe:/a:zte:cgsl_main:grub2-efi-x64-modules", "p-cpe:/a:zte:cgsl_main:grub2-i386-modules", "p-cpe:/a:zte:cgsl_main:grub2-pc", "p-cpe:/a:zte:cgsl_main:grub2-pc-modules", "p-cpe:/a:zte:cgsl_main:grub2-tools", "p-cpe:/a:zte:cgsl_main:grub2-tools-extra", "p-cpe:/a:zte:cgsl_main:grub2-tools-minimal", "cpe:/o:zte:cgsl_core:5", "cpe:/o:zte:cgsl_main:5"], "id": "NEWSTART_CGSL_NS-SA-2021-0139_GRUB2.NASL", "href": "https://www.tenable.com/plugins/nessus/154470", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2021-0139. The text\n# itself is copyright (C) ZTE, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154470);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2020-10713\",\n \"CVE-2020-14308\",\n \"CVE-2020-14309\",\n \"CVE-2020-14310\",\n \"CVE-2020-14311\",\n \"CVE-2020-15705\",\n \"CVE-2020-15706\",\n \"CVE-2020-15707\"\n );\n script_xref(name:\"IAVA\", value:\"2020-A-0349\");\n\n script_name(english:\"NewStart CGSL CORE 5.05 / MAIN 5.05 : grub2 Multiple Vulnerabilities (NS-SA-2021-0139)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote NewStart CGSL host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has grub2 packages installed that are affected by\nmultiple vulnerabilities:\n\n - A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper\n the GRUB verification process. This flaw also allows the bypass of Secure Boot protections. In order to\n load an untrusted or modified kernel, an attacker would first need to establish access to the system such\n as gaining physical access, obtain the ability to alter a pxe-boot network, or have remote access to a\n networked system with root access. With this access, an attacker could then craft a string to cause a\n buffer overflow by injecting a malicious payload that leads to arbitrary code execution within GRUB. The\n highest threat from this vulnerability is to data confidentiality and integrity as well as system\n availability. (CVE-2020-10713)\n\n - In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on\n the requested allocation size. This leads the function to return invalid memory allocations which can be\n further used to cause possible integrity, confidentiality and availability impacts during the boot\n process. (CVE-2020-14308)\n\n - There's an issue with grub2 in all versions before 2.06 when handling squashfs filesystems containing a\n symbolic link with name length of UINT32 bytes in size. The name size leads to an arithmetic overflow\n leading to a zero-size allocation further causing a heap-based buffer overflow with attacker controlled\n data. (CVE-2020-14309)\n\n - There is an issue on grub2 before version 2.06 at function read_section_as_string(). It expects a font\n name to be at max UINT32_MAX - 1 length in bytes but it doesn't verify it before proceed with buffer\n allocation to read the value from the font value. An attacker may leverage that by crafting a malicious\n font file which has a name with UINT32_MAX, leading to read_section_as_string() to an arithmetic overflow,\n zero-sized allocation and further heap-based buffer overflow. (CVE-2020-14310)\n\n - There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. A filesystem\n containing a symbolic link with an inode size of UINT32_MAX causes an arithmetic overflow leading to a\n zero-sized memory allocation with subsequent heap-based buffer overflow. (CVE-2020-14311)\n\n - GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be\n bypassed. This only affects systems where the kernel signing certificate has been imported directly into\n the secure boot database and the GRUB image is booted directly without the use of shim. This issue affects\n GRUB2 version 2.04 and prior versions. (CVE-2020-15705)\n\n - GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability\n which can be triggered by redefining a function whilst the same function is already executing, leading to\n arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2 version 2.04 and\n prior versions. (CVE-2020-15706)\n\n - Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux\n component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2\n upstream), leading to a heap-based buffer overflow. These could be triggered by an extremely large number\n of arguments to the initrd command on 32-bit architectures, or a crafted filesystem with very large files\n on any architecture. An attacker could use this to execute arbitrary code and bypass UEFI Secure Boot\n restrictions. This issue affects GRUB2 version 2.04 and prior versions. (CVE-2020-15707)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2021-0139\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2020-10713\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2020-14308\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2020-14309\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2020-14310\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2020-14311\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2020-15705\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2020-15706\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2020-15707\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL grub2 packages. Note that updated packages may not be available yet. Please contact ZTE for\nmore information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14309\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-10713\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:grub2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:grub2-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:grub2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:grub2-efi-ia32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:grub2-efi-ia32-cdboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:grub2-efi-ia32-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:grub2-efi-x64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:grub2-efi-x64-cdboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:grub2-efi-x64-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:grub2-i386-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:grub2-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:grub2-pc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:grub2-pc-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:grub2-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:grub2-tools-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:grub2-tools-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:grub2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:grub2-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:grub2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:grub2-efi-ia32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:grub2-efi-ia32-cdboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:grub2-efi-ia32-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:grub2-efi-x64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:grub2-efi-x64-cdboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:grub2-efi-x64-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:grub2-i386-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:grub2-pc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:grub2-pc-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:grub2-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:grub2-tools-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:grub2-tools-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:zte:cgsl_core:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:zte:cgsl_main:5\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item('Host/ZTE-CGSL/release');\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');\n\nif (release !~ \"CGSL CORE 5.05\" &&\n release !~ \"CGSL MAIN 5.05\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.05 / NewStart CGSL MAIN 5.05');\n\nif (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);\n\nvar flag = 0;\n\nvar pkgs = {\n 'CGSL CORE 5.05': [\n 'grub2-2.02-0.86.el7.centos.cgslv5_5.0.6.g4a36c9e.lite',\n 'grub2-common-2.02-0.86.el7.centos.cgslv5_5.0.6.g4a36c9e.lite',\n 'grub2-debuginfo-2.02-0.86.el7.centos.cgslv5_5.0.6.g4a36c9e.lite',\n 'grub2-efi-ia32-2.02-0.86.el7.centos.cgslv5_5.0.6.g4a36c9e.lite',\n 'grub2-efi-ia32-cdboot-2.02-0.86.el7.centos.cgslv5_5.0.6.g4a36c9e.lite',\n 'grub2-efi-ia32-modules-2.02-0.86.el7.centos.cgslv5_5.0.6.g4a36c9e.lite',\n 'grub2-efi-x64-2.02-0.86.el7.centos.cgslv5_5.0.6.g4a36c9e.lite',\n 'grub2-efi-x64-cdboot-2.02-0.86.el7.centos.cgslv5_5.0.6.g4a36c9e.lite',\n 'grub2-efi-x64-modules-2.02-0.86.el7.centos.cgslv5_5.0.6.g4a36c9e.lite',\n 'grub2-i386-modules-2.02-0.86.el7.centos.cgslv5_5.0.6.g4a36c9e.lite',\n 'grub2-lang-2.02-0.86.el7.centos.cgslv5_5.0.6.g4a36c9e.lite',\n 'grub2-pc-2.02-0.86.el7.centos.cgslv5_5.0.6.g4a36c9e.lite',\n 'grub2-pc-modules-2.02-0.86.el7.centos.cgslv5_5.0.6.g4a36c9e.lite',\n 'grub2-tools-2.02-0.86.el7.centos.cgslv5_5.0.6.g4a36c9e.lite',\n 'grub2-tools-extra-2.02-0.86.el7.centos.cgslv5_5.0.6.g4a36c9e.lite',\n 'grub2-tools-minimal-2.02-0.86.el7.centos.cgslv5_5.0.6.g4a36c9e.lite'\n ],\n 'CGSL MAIN 5.05': [\n 'grub2-2.02-0.86.el7.centos.cgslv5_5.0.7.g62910b8',\n 'grub2-common-2.02-0.86.el7.centos.cgslv5_5.0.7.g62910b8',\n 'grub2-debuginfo-2.02-0.86.el7.centos.cgslv5_5.0.7.g62910b8',\n 'grub2-efi-ia32-2.02-0.86.el7.centos.cgslv5_5.0.7.g62910b8',\n 'grub2-efi-ia32-cdboot-2.02-0.86.el7.centos.cgslv5_5.0.7.g62910b8',\n 'grub2-efi-ia32-modules-2.02-0.86.el7.centos.cgslv5_5.0.7.g62910b8',\n 'grub2-efi-x64-2.02-0.86.el7.centos.cgslv5_5.0.7.g62910b8',\n 'grub2-efi-x64-cdboot-2.02-0.86.el7.centos.cgslv5_5.0.7.g62910b8',\n 'grub2-efi-x64-modules-2.02-0.86.el7.centos.cgslv5_5.0.7.g62910b8',\n 'grub2-i386-modules-2.02-0.86.el7.centos.cgslv5_5.0.7.g62910b8',\n 'grub2-pc-2.02-0.86.el7.centos.cgslv5_5.0.7.g62910b8',\n 'grub2-pc-modules-2.02-0.86.el7.centos.cgslv5_5.0.7.g62910b8',\n 'grub2-tools-2.02-0.86.el7.centos.cgslv5_5.0.7.g62910b8',\n 'grub2-tools-extra-2.02-0.86.el7.centos.cgslv5_5.0.7.g62910b8',\n 'grub2-tools-minimal-2.02-0.86.el7.centos.cgslv5_5.0.7.g62910b8'\n ]\n};\nvar pkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:'ZTE ' + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'grub2');\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-01T17:16:50", "description": "USN-4432-1 fixed vulnerabilities in GRUB2 affecting Secure Boot environments. Unfortunately, the update introduced regressions for some BIOS systems (either pre-UEFI or UEFI configured in Legacy mode), preventing them from successfully booting. This update addresses the issue. Users with BIOS systems that installed GRUB2 versions from USN-4432-1 should verify that their GRUB2 installation has a correct understanding of their boot device location and installed the boot loader correctly. We apologize for the inconvenience.\n\nJesse Michael and Mickey Shkatov discovered that the configuration parser in GRUB2 did not properly exit when errors were discovered, resulting in heap-based buffer overflows. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-10713) Chris Coulson discovered that the GRUB2 function handling code did not properly handle a function being redefined, leading to a use-after-free vulnerability. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-15706) Chris Coulson discovered that multiple integer overflows existed in GRUB2 when handling certain filesystems or font files, leading to heap-based buffer overflows. A local attacker could use these to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-14309, CVE-2020-14310, CVE-2020-14311) It was discovered that the memory allocator for GRUB2 did not validate allocation size, resulting in multiple integer overflows and heap-based buffer overflows when handling certain filesystems, PNG images or disk metadata. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-14308) Mathieu Trudel-Lapierre discovered that in certain situations, GRUB2 failed to validate kernel signatures. A local attacker could use this to bypass Secure Boot restrictions.\n(CVE-2020-15705) Colin Watson and Chris Coulson discovered that an integer overflow existed in GRUB2 when handling the initrd command, leading to a heap-based buffer overflow. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-15707).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.2, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}, "published": "2020-08-06T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS / 18.04 LTS / 20.04 : GRUB2 regression (USN-4432-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10713", "CVE-2020-14308", "CVE-2020-14309", "CVE-2020-14310", "CVE-2020-14311", "CVE-2020-15705", "CVE-2020-15706", "CVE-2020-15707"], "modified": "2022-05-13T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:grub-efi-amd64-bin", "p-cpe:/a:canonical:ubuntu_linux:grub-efi-amd64-signed", "p-cpe:/a:canonical:ubuntu_linux:grub-efi-arm-bin", "p-cpe:/a:canonical:ubuntu_linux:grub-efi-arm64-bin", "p-cpe:/a:canonical:ubuntu_linux:grub-efi-arm64-signed", "p-cpe:/a:canonical:ubuntu_linux:grub-efi-ia32-bin", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.04"], "id": "UBUNTU_USN-4432-2.NASL", "href": "https://www.tenable.com/plugins/nessus/139365", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4432-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(139365);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/13\");\n\n script_cve_id(\"CVE-2020-10713\", \"CVE-2020-14308\", \"CVE-2020-14309\", \"CVE-2020-14310\", \"CVE-2020-14311\", \"CVE-2020-15705\", \"CVE-2020-15706\", \"CVE-2020-15707\");\n script_xref(name:\"USN\", value:\"4432-2\");\n script_xref(name:\"IAVA\", value:\"2020-A-0349\");\n\n script_name(english:\"Ubuntu 16.04 LTS / 18.04 LTS / 20.04 : GRUB2 regression (USN-4432-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"USN-4432-1 fixed vulnerabilities in GRUB2 affecting Secure Boot\nenvironments. Unfortunately, the update introduced regressions for\nsome BIOS systems (either pre-UEFI or UEFI configured in Legacy mode),\npreventing them from successfully booting. This update addresses the\nissue. Users with BIOS systems that installed GRUB2 versions from\nUSN-4432-1 should verify that their GRUB2 installation has a correct\nunderstanding of their boot device location and installed the boot\nloader correctly. We apologize for the inconvenience.\n\nJesse Michael and Mickey Shkatov discovered that the configuration\nparser in GRUB2 did not properly exit when errors were discovered,\nresulting in heap-based buffer overflows. A local attacker could use\nthis to execute arbitrary code and bypass UEFI Secure Boot\nrestrictions. (CVE-2020-10713) Chris Coulson discovered that the GRUB2\nfunction handling code did not properly handle a function being\nredefined, leading to a use-after-free vulnerability. A local attacker\ncould use this to execute arbitrary code and bypass UEFI Secure Boot\nrestrictions. (CVE-2020-15706) Chris Coulson discovered that multiple\ninteger overflows existed in GRUB2 when handling certain filesystems\nor font files, leading to heap-based buffer overflows. A local\nattacker could use these to execute arbitrary code and bypass UEFI\nSecure Boot restrictions. (CVE-2020-14309, CVE-2020-14310,\nCVE-2020-14311) It was discovered that the memory allocator for GRUB2\ndid not validate allocation size, resulting in multiple integer\noverflows and heap-based buffer overflows when handling certain\nfilesystems, PNG images or disk metadata. A local attacker could use\nthis to execute arbitrary code and bypass UEFI Secure Boot\nrestrictions. (CVE-2020-14308) Mathieu Trudel-Lapierre discovered that\nin certain situations, GRUB2 failed to validate kernel signatures. A\nlocal attacker could use this to bypass Secure Boot restrictions.\n(CVE-2020-15705) Colin Watson and Chris Coulson discovered that an\ninteger overflow existed in GRUB2 when handling the initrd command,\nleading to a heap-based buffer overflow. A local attacker could use\nthis to execute arbitrary code and bypass UEFI Secure Boot\nrestrictions. (CVE-2020-15707).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4432-2/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14309\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:grub-efi-amd64-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:grub-efi-amd64-signed\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:grub-efi-arm-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:grub-efi-arm64-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:grub-efi-arm64-signed\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:grub-efi-ia32-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2020-2022 Canonical, Inc. / NASL script (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04|16\\.04|18\\.04|20\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04 / 16.04 / 18.04 / 20.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"grub-efi-amd64-bin\", pkgver:\"2.02~beta2-36ubuntu3.27\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"grub-efi-amd64-signed\", pkgver:\"1.66.27+2.02~beta2-36ubuntu3.27\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"grub-efi-arm-bin\", pkgver:\"2.02~beta2-36ubuntu3.27\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"grub-efi-arm64-bin\", pkgver:\"2.02~beta2-36ubuntu3.27\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"grub-efi-arm64-signed\", pkgver:\"1.66.27+2.02~beta2-36ubuntu3.27\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"grub-efi-ia32-bin\", pkgver:\"2.02~beta2-36ubuntu3.27\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"grub-efi-amd64-bin\", pkgver:\"2.02-2ubuntu8.17\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"grub-efi-amd64-signed\", pkgver:\"1.93.19+2.02-2ubuntu8.17\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"grub-efi-arm-bin\", pkgver:\"2.02-2ubuntu8.17\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"grub-efi-arm64-bin\", pkgver:\"2.02-2ubuntu8.17\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"grub-efi-arm64-signed\", pkgver:\"1.93.19+2.02-2ubuntu8.17\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"grub-efi-ia32-bin\", pkgver:\"2.02-2ubuntu8.17\")) flag++;\nif (ubuntu_check(osver:\"20.04\", pkgname:\"grub-efi-amd64-bin\", pkgver:\"2.04-1ubuntu26.2\")) flag++;\nif (ubuntu_check(osver:\"20.04\", pkgname:\"grub-efi-amd64-signed\", pkgver:\"1.142.4+2.04-1ubuntu26.2\")) flag++;\nif (ubuntu_check(osver:\"20.04\", pkgname:\"grub-efi-arm-bin\", pkgver:\"2.04-1ubuntu26.2\")) flag++;\nif (ubuntu_check(osver:\"20.04\", pkgname:\"grub-efi-arm64-bin\", pkgver:\"2.04-1ubuntu26.2\")) flag++;\nif (ubuntu_check(osver:\"20.04\", pkgname:\"grub-efi-arm64-signed\", pkgver:\"1.142.4+2.04-1ubuntu26.2\")) flag++;\nif (ubuntu_check(osver:\"20.04\", pkgname:\"grub-efi-ia32-bin\", pkgver:\"2.04-1ubuntu26.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"grub-efi-amd64-bin / grub-efi-amd64-signed / grub-efi-arm-bin / etc\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-31T16:35:58", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3217 advisory.\n\n - grub2: Crafted grub.cfg file can lead to arbitrary code execution during boot process (CVE-2020-10713)\n\n - grub2: grub_malloc does not validate allocation size allowing for arithmetic overflow and subsequent heap- based buffer overflow (CVE-2020-14308)\n\n - grub2: Integer overflow in grub_squash_read_symlink may lead to heap-based buffer overflow (CVE-2020-14309)\n\n - grub2: Integer overflow read_section_as_string may lead to heap-based buffer overflow (CVE-2020-14310)\n\n - grub2: Integer overflow in grub_ext2_read_link leads to heap-based buffer overflow (CVE-2020-14311)\n\n - grub2: Fail kernel validation without shim protocol (CVE-2020-15705)\n\n - grub2: Use-after-free redefining a function whilst the same function is already executing (CVE-2020-15706)\n\n - grub2: Integer overflow in initrd size handling (CVE-2020-15707)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.2, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}, "published": "2020-07-30T00:00:00", "type": "nessus", "title": "RHEL 7 : grub2 (RHSA-2020:3217)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10713", "CVE-2020-14308", "CVE-2020-14309", "CVE-2020-14310", "CVE-2020-14311", "CVE-2020-15705", "CVE-2020-15706", "CVE-2020-15707"], "modified": "2022-05-12T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:fwupdate", "p-cpe:/a:redhat:enterprise_linux:fwupdate-devel", "p-cpe:/a:redhat:enterprise_linux:fwupdate-efi", "p-cpe:/a:redhat:enterprise_linux:fwupdate-libs", "p-cpe:/a:redhat:enterprise_linux:grub2", "p-cpe:/a:redhat:enterprise_linux:grub2-common", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-aa64-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32-cdboot", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64-cdboot", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-pc", "p-cpe:/a:redhat:enterprise_linux:grub2-pc-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-ppc-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-ppc64", "p-cpe:/a:redhat:enterprise_linux:grub2-ppc64-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-ppc64le", "p-cpe:/a:redhat:enterprise_linux:grub2-ppc64le-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-tools", "p-cpe:/a:redhat:enterprise_linux:grub2-tools-extra", "p-cpe:/a:redhat:enterprise_linux:grub2-tools-minimal", "p-cpe:/a:redhat:enterprise_linux:mokutil", "p-cpe:/a:redhat:enterprise_linux:shim-ia32", "p-cpe:/a:redhat:enterprise_linux:shim-unsigned-ia32", "p-cpe:/a:redhat:enterprise_linux:shim-unsigned-x64", "p-cpe:/a:redhat:enterprise_linux:shim-x64"], "id": "REDHAT-RHSA-2020-3217.NASL", "href": "https://www.tenable.com/plugins/nessus/139198", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:3217. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(139198);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\n \"CVE-2020-10713\",\n \"CVE-2020-14308\",\n \"CVE-2020-14309\",\n \"CVE-2020-14310\",\n \"CVE-2020-14311\",\n \"CVE-2020-15705\",\n \"CVE-2020-15706\",\n \"CVE-2020-15707\"\n );\n script_xref(name:\"RHSA\", value:\"2020:3217\");\n script_xref(name:\"IAVA\", value:\"2020-A-0349\");\n\n script_name(english:\"RHEL 7 : grub2 (RHSA-2020:3217)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:3217 advisory.\n\n - grub2: Crafted grub.cfg file can lead to arbitrary code execution during boot process (CVE-2020-10713)\n\n - grub2: grub_malloc does not validate allocation size allowing for arithmetic overflow and subsequent heap-\n based buffer overflow (CVE-2020-14308)\n\n - grub2: Integer overflow in grub_squash_read_symlink may lead to heap-based buffer overflow\n (CVE-2020-14309)\n\n - grub2: Integer overflow read_section_as_string may lead to heap-based buffer overflow (CVE-2020-14310)\n\n - grub2: Integer overflow in grub_ext2_read_link leads to heap-based buffer overflow (CVE-2020-14311)\n\n - grub2: Fail kernel validation without shim protocol (CVE-2020-15705)\n\n - grub2: Use-after-free redefining a function whilst the same function is already executing (CVE-2020-15706)\n\n - grub2: Integer overflow in initrd size handling (CVE-2020-15707)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/78.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/122.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/190.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/416.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/440.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/787.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-10713\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-14308\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-14309\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-14310\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-14311\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-15705\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-15706\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-15707\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:3217\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1825243\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1852009\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1852014\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1852022\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1852030\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1860978\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1861118\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1861581\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14309\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-10713\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(78, 122, 190, 416, 440, 787);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:fwupdate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:fwupdate-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:fwupdate-efi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:fwupdate-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-aa64-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32-cdboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64-cdboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-pc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-pc-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-ppc-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-ppc64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-ppc64-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-ppc64le\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-ppc64le-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-tools-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-tools-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mokutil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:shim-ia32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:shim-unsigned-ia32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:shim-unsigned-x64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:shim-x64\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'enterprise_linux_7_client': [\n 'rhel-7-desktop-debug-rpms',\n 'rhel-7-desktop-fastrack-debug-rpms',\n 'rhel-7-desktop-fastrack-rpms',\n 'rhel-7-desktop-fastrack-source-rpms',\n 'rhel-7-desktop-optional-debug-rpms',\n 'rhel-7-desktop-optional-fastrack-debug-rpms',\n 'rhel-7-desktop-optional-fastrack-rpms',\n 'rhel-7-desktop-optional-fastrack-source-rpms',\n 'rhel-7-desktop-optional-rpms',\n 'rhel-7-desktop-optional-source-rpms',\n 'rhel-7-desktop-rpms',\n 'rhel-7-desktop-source-rpms'\n ],\n 'enterprise_linux_7_computenode': [\n 'rhel-7-for-hpc-node-fastrack-debug-rpms',\n 'rhel-7-for-hpc-node-fastrack-rpms',\n 'rhel-7-for-hpc-node-fastrack-source-rpms',\n 'rhel-7-for-hpc-node-optional-fastrack-debug-rpms',\n 'rhel-7-for-hpc-node-optional-fastrack-rpms',\n 'rhel-7-for-hpc-node-optional-fastrack-source-rpms',\n 'rhel-7-hpc-node-debug-rpms',\n 'rhel-7-hpc-node-optional-debug-rpms',\n 'rhel-7-hpc-node-optional-rpms',\n 'rhel-7-hpc-node-optional-source-rpms',\n 'rhel-7-hpc-node-rpms',\n 'rhel-7-hpc-node-source-rpms'\n ],\n 'enterprise_linux_7_server': [\n 'rhel-7-server-debug-rpms',\n 'rhel-7-server-fastrack-debug-rpms',\n 'rhel-7-server-fastrack-rpms',\n 'rhel-7-server-fastrack-source-rpms',\n 'rhel-7-server-optional-debug-rpms',\n 'rhel-7-server-optional-fastrack-debug-rpms',\n 'rhel-7-server-optional-fastrack-rpms',\n 'rhel-7-server-optional-fastrack-source-rpms',\n 'rhel-7-server-optional-rpms',\n 'rhel-7-server-optional-source-rpms',\n 'rhel-7-server-rpms',\n 'rhel-7-server-source-rpms',\n 'rhel-ha-for-rhel-7-server-debug-rpms',\n 'rhel-ha-for-rhel-7-server-rpms',\n 'rhel-ha-for-rhel-7-server-source-rpms',\n 'rhel-rs-for-rhel-7-server-debug-rpms',\n 'rhel-rs-for-rhel-7-server-rpms',\n 'rhel-rs-for-rhel-7-server-source-rpms'\n ],\n 'enterprise_linux_7_workstation': [\n 'rhel-7-workstation-debug-rpms',\n 'rhel-7-workstation-fastrack-debug-rpms',\n 'rhel-7-workstation-fastrack-rpms',\n 'rhel-7-workstation-fastrack-source-rpms',\n 'rhel-7-workstation-optional-debug-rpms',\n 'rhel-7-workstation-optional-fastrack-debug-rpms',\n 'rhel-7-workstation-optional-fastrack-rpms',\n 'rhel-7-workstation-optional-fastrack-source-rpms',\n 'rhel-7-workstation-optional-rpms',\n 'rhel-7-workstation-optional-source-rpms',\n 'rhel-7-workstation-rpms',\n 'rhel-7-workstation-source-rpms'\n ],\n 'rhel_extras_7': [\n 'rhel-7-desktop-supplementary-rpms',\n 'rhel-7-desktop-supplementary-source-rpms',\n 'rhel-7-for-hpc-node-supplementary-rpms',\n 'rhel-7-for-hpc-node-supplementary-source-rpms',\n 'rhel-7-hpc-node-eus-supplementary-rpms',\n 'rhel-7-server-eus-supplementary-rpms',\n 'rhel-7-server-supplementary-rpms',\n 'rhel-7-server-supplementary-source-rpms',\n 'rhel-7-workstation-supplementary-rpms',\n 'rhel-7-workstation-supplementary-source-rpms'\n ],\n 'rhel_extras_oracle_java_7': [\n 'rhel-7-desktop-restricted-maintenance-oracle-java-rpms',\n 'rhel-7-for-hpc-node-restricted-maintenance-oracle-java-rpms',\n 'rhel-7-hpc-node-eus-restricted-maintenance-oracle-java-rpms',\n 'rhel-7-server-eus-restricted-maintenance-oracle-java-rpms',\n 'rhel-7-server-eus-restricted-maintenance-oracle-java-source-rpms',\n 'rhel-7-server-restricted-maintenance-oracle-java-rpms',\n 'rhel-7-workstation-restricted-maintenance-oracle-java-rpms'\n ],\n 'rhel_extras_rt_7': [\n 'rhel-7-server-nfv-debug-rpms',\n 'rhel-7-server-nfv-rpms',\n 'rhel-7-server-nfv-source-rpms',\n 'rhel-7-server-rt-debug-rpms',\n 'rhel-7-server-rt-rpms',\n 'rhel-7-server-rt-source-rpms'\n ],\n 'rhel_extras_sap_7': [\n 'rhel-sap-for-rhel-7-server-debug-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-source-rpms',\n 'rhel-sap-for-rhel-7-server-eus-debug-rpms',\n 'rhel-sap-for-rhel-7-server-eus-rpms',\n 'rhel-sap-for-rhel-7-server-eus-source-rpms',\n 'rhel-sap-for-rhel-7-server-rpms',\n 'rhel-sap-for-rhel-7-server-source-rpms'\n ],\n 'rhel_extras_sap_hana_7': [\n 'rhel-sap-hana-for-rhel-7-server-debug-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-source-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-debug-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-source-rpms',\n 'rhel-sap-hana-for-rhel-7-server-rpms',\n 'rhel-sap-hana-for-rhel-7-server-source-rpms'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'fwupdate-12-6.el7_8', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_hana_7']},\n {'reference':'fwupdate-devel-12-6.el7_8', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_hana_7']},\n {'reference':'fwupdate-efi-12-6.el7_8', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_hana_7']},\n {'reference':'fwupdate-libs-12-6.el7_8', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_hana_7']},\n {'reference':'grub2-2.02-0.86.el7_8', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_hana_7']},\n {'reference':'grub2-common-2.02-0.86.el7_8', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_hana_7']},\n {'reference':'grub2-efi-aa64-modules-2.02-0.86.el7_8', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_hana_7']},\n {'reference':'grub2-efi-ia32-2.02-0.86.el7_8', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_hana_7']},\n {'reference':'grub2-efi-ia32-cdboot-2.02-0.86.el7_8', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_hana_7']},\n {'reference':'grub2-efi-ia32-modules-2.02-0.86.el7_8', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_hana_7']},\n {'reference':'grub2-efi-x64-2.02-0.86.el7_8', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_hana_7']},\n {'reference':'grub2-efi-x64-cdboot-2.02-0.86.el7_8', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_hana_7']},\n {'reference':'grub2-efi-x64-modules-2.02-0.86.el7_8', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_hana_7']},\n {'reference':'grub2-pc-2.02-0.86.el7_8', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_hana_7']},\n {'reference':'grub2-pc-modules-2.02-0.86.el7_8', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_hana_7']},\n {'reference':'grub2-ppc-modules-2.02-0.86.el7_8', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_hana_7']},\n {'reference':'grub2-ppc64-modules-2.02-0.86.el7_8', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_hana_7']},\n {'reference':'grub2-ppc64le-modules-2.02-0.86.el7_8', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_hana_7']},\n {'reference':'grub2-tools-2.02-0.86.el7_8', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_hana_7']},\n {'reference':'grub2-tools-extra-2.02-0.86.el7_8', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_hana_7']},\n {'reference':'grub2-tools-minimal-2.02-0.86.el7_8', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_hana_7']},\n {'reference':'mokutil-15-7.el7_8', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_hana_7']},\n {'reference':'shim-ia32-15-7.el7_8', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_hana_7']},\n {'reference':'shim-unsigned-ia32-15-7.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_hana_7']},\n {'reference':'shim-unsigned-x64-15-7.el7_9', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_hana_7']},\n {'reference':'shim-x64-15-7.el7_8', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_client', 'enterprise_linux_7_computenode', 'enterprise_linux_7_server', 'enterprise_linux_7_workstation', 'rhel_extras_7', 'rhel_extras_oracle_java_7', 'rhel_extras_rt_7', 'rhel_extras_sap_7', 'rhel_extras_sap_hana_7']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'fwupdate / fwupdate-devel / fwupdate-efi / fwupdate-libs / grub2 / etc');\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-31T16:37:07", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3271 advisory.\n\n - grub2: Crafted grub.cfg file can lead to arbitrary code execution during boot process (CVE-2020-10713)\n\n - grub2: grub_malloc does not validate allocation size allowing for arithmetic overflow and subsequent heap- based buffer overflow (CVE-2020-14308)\n\n - grub2: Integer overflow in grub_squash_read_symlink may lead to heap-based buffer overflow (CVE-2020-14309)\n\n - grub2: Integer overflow read_section_as_string may lead to heap-based buffer overflow (CVE-2020-14310)\n\n - grub2: Integer overflow in grub_ext2_read_link leads to heap-based buffer overflow (CVE-2020-14311)\n\n - grub2: Fail kernel validation without shim protocol (CVE-2020-15705)\n\n - grub2: Use-after-free redefining a function whilst the same function is already executing (CVE-2020-15706)\n\n - grub2: Integer overflow in initrd size handling (CVE-2020-15707)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.2, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}, "published": "2020-08-03T00:00:00", "type": "nessus", "title": "RHEL 7 : grub2 (RHSA-2020:3271)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10713", "CVE-2020-14308", "CVE-2020-14309", "CVE-2020-14310", "CVE-2020-14311", "CVE-2020-15705", "CVE-2020-15706", "CVE-2020-15707"], "modified": "2022-05-12T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:7.6", "cpe:/o:redhat:rhel_e4s:7.6", "cpe:/o:redhat:rhel_eus:7.6", "cpe:/o:redhat:rhel_tus:7.6", "p-cpe:/a:redhat:enterprise_linux:fwupdate", "p-cpe:/a:redhat:enterprise_linux:fwupdate-devel", "p-cpe:/a:redhat:enterprise_linux:fwupdate-efi", "p-cpe:/a:redhat:enterprise_linux:fwupdate-libs", "p-cpe:/a:redhat:enterprise_linux:grub2", "p-cpe:/a:redhat:enterprise_linux:grub2-common", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-aa64-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32-cdboot", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64-cdboot", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-pc", "p-cpe:/a:redhat:enterprise_linux:grub2-pc-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-ppc-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-ppc64", "p-cpe:/a:redhat:enterprise_linux:grub2-ppc64-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-ppc64le", "p-cpe:/a:redhat:enterprise_linux:grub2-ppc64le-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-tools", "p-cpe:/a:redhat:enterprise_linux:grub2-tools-extra", "p-cpe:/a:redhat:enterprise_linux:grub2-tools-minimal", "p-cpe:/a:redhat:enterprise_linux:mokutil", "p-cpe:/a:redhat:enterprise_linux:shim-ia32", "p-cpe:/a:redhat:enterprise_linux:shim-unsigned-ia32", "p-cpe:/a:redhat:enterprise_linux:shim-unsigned-x64", "p-cpe:/a:redhat:enterprise_linux:shim-x64"], "id": "REDHAT-RHSA-2020-3271.NASL", "href": "https://www.tenable.com/plugins/nessus/139288", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:3271. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(139288);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\n \"CVE-2020-10713\",\n \"CVE-2020-14308\",\n \"CVE-2020-14309\",\n \"CVE-2020-14310\",\n \"CVE-2020-14311\",\n \"CVE-2020-15705\",\n \"CVE-2020-15706\",\n \"CVE-2020-15707\"\n );\n script_xref(name:\"RHSA\", value:\"2020:3271\");\n script_xref(name:\"IAVA\", value:\"2020-A-0349\");\n\n script_name(english:\"RHEL 7 : grub2 (RHSA-2020:3271)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:3271 advisory.\n\n - grub2: Crafted grub.cfg file can lead to arbitrary code execution during boot process (CVE-2020-10713)\n\n - grub2: grub_malloc does not validate allocation size allowing for arithmetic overflow and subsequent heap-\n based buffer overflow (CVE-2020-14308)\n\n - grub2: Integer overflow in grub_squash_read_symlink may lead to heap-based buffer overflow\n (CVE-2020-14309)\n\n - grub2: Integer overflow read_section_as_string may lead to heap-based buffer overflow (CVE-2020-14310)\n\n - grub2: Integer overflow in grub_ext2_read_link leads to heap-based buffer overflow (CVE-2020-14311)\n\n - grub2: Fail kernel validation without shim protocol (CVE-2020-15705)\n\n - grub2: Use-after-free redefining a function whilst the same function is already executing (CVE-2020-15706)\n\n - grub2: Integer overflow in initrd size handling (CVE-2020-15707)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/78.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/122.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/190.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/416.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/440.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/787.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-10713\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-14308\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-14309\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-14310\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-14311\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-15705\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-15706\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-15707\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:3271\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1825243\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1852009\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1852014\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1852022\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1852030\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1860978\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1861118\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1861581\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14309\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-10713\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(78, 122, 190, 416, 440, 787);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:fwupdate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:fwupdate-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:fwupdate-efi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:fwupdate-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-aa64-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32-cdboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64-cdboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-pc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-pc-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-ppc-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-ppc64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-ppc64-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-ppc64le\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-ppc64le-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-tools-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-tools-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mokutil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:shim-ia32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:shim-unsigned-ia32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:shim-unsigned-x64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:shim-x64\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '7.6')) audit(AUDIT_OS_NOT, 'Red Hat 7.6', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'rhel_aus_7_6_server': [\n 'rhel-7-server-aus-debug-rpms',\n 'rhel-7-server-aus-debug-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-aus-optional-debug-rpms',\n 'rhel-7-server-aus-optional-debug-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-aus-optional-rpms',\n 'rhel-7-server-aus-optional-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-aus-optional-source-rpms',\n 'rhel-7-server-aus-optional-source-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-aus-rpms',\n 'rhel-7-server-aus-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-aus-source-rpms',\n 'rhel-7-server-aus-source-rpms__7_DOT_6__x86_64'\n ],\n 'rhel_e4s_7_6_server': [\n 'rhel-7-server-aus-debug-rpms',\n 'rhel-7-server-aus-optional-debug-rpms',\n 'rhel-7-server-aus-optional-rpms',\n 'rhel-7-server-aus-optional-source-rpms',\n 'rhel-7-server-aus-rpms',\n 'rhel-7-server-aus-source-rpms',\n 'rhel-7-server-e4s-debug-rpms',\n 'rhel-7-server-e4s-debug-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-e4s-optional-debug-rpms',\n 'rhel-7-server-e4s-optional-debug-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-e4s-optional-debug-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-e4s-optional-rpms',\n 'rhel-7-server-e4s-optional-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-e4s-optional-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-e4s-optional-source-rpms',\n 'rhel-7-server-e4s-optional-source-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-e4s-optional-source-rpms__7_DOT_7__x86_64',\n 'rhel-7-server-e4s-rpms',\n 'rhel-7-server-e4s-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-e4s-source-rpms',\n 'rhel-7-server-e4s-source-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-tus-debug-rpms',\n 'rhel-7-server-tus-optional-debug-rpms',\n 'rhel-7-server-tus-optional-rpms',\n 'rhel-7-server-tus-optional-source-rpms',\n 'rhel-7-server-tus-source-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-debug-rpms__7_DOT_6__x86_64',\n 'rhel-ha-for-rhel-7-server-e4s-debug-rpms__7_DOT_7__x86_64',\n 'rhel-ha-for-rhel-7-server-e4s-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-rpms__7_DOT_6__x86_64',\n 'rhel-ha-for-rhel-7-server-e4s-rpms__7_DOT_7__x86_64',\n 'rhel-ha-for-rhel-7-server-e4s-source-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-source-rpms__7_DOT_6__x86_64',\n 'rhel-ha-for-rhel-7-server-e4s-source-rpms__7_DOT_7__x86_64'\n ],\n 'rhel_eus_7_6_computenode': [\n 'rhel-7-hpc-node-eus-debug-rpms',\n 'rhel-7-hpc-node-eus-debug-rpms__7_DOT_6__x86_64',\n 'rhel-7-hpc-node-eus-optional-debug-rpms',\n 'rhel-7-hpc-node-eus-optional-debug-rpms__7_DOT_6__x86_64',\n 'rhel-7-hpc-node-eus-optional-rpms',\n 'rhel-7-hpc-node-eus-optional-rpms__7_DOT_6__x86_64',\n 'rhel-7-hpc-node-eus-optional-source-rpms',\n 'rhel-7-hpc-node-eus-optional-source-rpms__7_DOT_6__x86_64',\n 'rhel-7-hpc-node-eus-rpms',\n 'rhel-7-hpc-node-eus-rpms__7_DOT_6__x86_64',\n 'rhel-7-hpc-node-eus-source-rpms',\n 'rhel-7-hpc-node-eus-source-rpms__7_DOT_6__x86_64'\n ],\n 'rhel_eus_7_6_server': [\n 'rhel-7-server-aus-debug-rpms',\n 'rhel-7-server-aus-optional-debug-rpms',\n 'rhel-7-server-aus-optional-rpms',\n 'rhel-7-server-aus-optional-source-rpms',\n 'rhel-7-server-aus-rpms',\n 'rhel-7-server-aus-source-rpms',\n 'rhel-7-server-e4s-debug-rpms',\n 'rhel-7-server-e4s-optional-debug-rpms',\n 'rhel-7-server-e4s-optional-rpms',\n 'rhel-7-server-e4s-optional-source-rpms',\n 'rhel-7-server-e4s-rpms',\n 'rhel-7-server-e4s-source-rpms',\n 'rhel-7-server-eus-debug-rpms',\n 'rhel-7-server-eus-debug-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-eus-optional-debug-rpms',\n 'rhel-7-server-eus-optional-debug-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-eus-optional-rpms',\n 'rhel-7-server-eus-optional-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-eus-optional-source-rpms',\n 'rhel-7-server-eus-optional-source-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-eus-rpms',\n 'rhel-7-server-eus-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-eus-source-rpms',\n 'rhel-7-server-eus-source-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-tus-debug-rpms',\n 'rhel-7-server-tus-optional-debug-rpms',\n 'rhel-7-server-tus-optional-rpms',\n 'rhel-7-server-tus-optional-source-rpms',\n 'rhel-7-server-tus-rpms',\n 'rhel-7-server-tus-source-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-source-rpms',\n 'rhel-ha-for-rhel-7-server-eus-debug-rpms',\n 'rhel-ha-for-rhel-7-server-eus-debug-rpms__7_DOT_6__x86_64',\n 'rhel-ha-for-rhel-7-server-eus-rpms',\n 'rhel-ha-for-rhel-7-server-eus-rpms__7_DOT_6__x86_64',\n 'rhel-ha-for-rhel-7-server-eus-source-rpms',\n 'rhel-ha-for-rhel-7-server-eus-source-rpms__7_DOT_6__x86_64',\n 'rhel-ha-for-rhel-7-server-tus-debug-rpms',\n 'rhel-ha-for-rhel-7-server-tus-rpms',\n 'rhel-ha-for-rhel-7-server-tus-source-rpms',\n 'rhel-rs-for-rhel-7-server-eus-debug-rpms',\n 'rhel-rs-for-rhel-7-server-eus-debug-rpms__7_DOT_6__x86_64',\n 'rhel-rs-for-rhel-7-server-eus-rpms',\n 'rhel-rs-for-rhel-7-server-eus-rpms__7_DOT_6__x86_64',\n 'rhel-rs-for-rhel-7-server-eus-source-rpms',\n 'rhel-rs-for-rhel-7-server-eus-source-rpms__7_DOT_6__x86_64'\n ],\n 'rhel_extras_sap_e4s_7_6': [\n 'rhel-sap-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-debug-rpms__7_DOT_6__x86_64',\n 'rhel-sap-for-rhel-7-server-e4s-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-rpms__7_DOT_6__x86_64',\n 'rhel-sap-for-rhel-7-server-e4s-source-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-source-rpms__7_DOT_6__x86_64'\n ],\n 'rhel_extras_sap_eus_7_6': [\n 'rhel-sap-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-source-rpms',\n 'rhel-sap-for-rhel-7-server-eus-debug-rpms',\n 'rhel-sap-for-rhel-7-server-eus-debug-rpms__7_DOT_6__x86_64',\n 'rhel-sap-for-rhel-7-server-eus-rpms',\n 'rhel-sap-for-rhel-7-server-eus-rpms__7_DOT_6__x86_64',\n 'rhel-sap-for-rhel-7-server-eus-source-rpms',\n 'rhel-sap-for-rhel-7-server-eus-source-rpms__7_DOT_6__x86_64'\n ],\n 'rhel_extras_sap_hana_e4s_7_6': [\n 'rhel-sap-hana-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-debug-rpms__7_DOT_6__x86_64',\n 'rhel-sap-hana-for-rhel-7-server-e4s-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-rpms__7_DOT_6__x86_64',\n 'rhel-sap-hana-for-rhel-7-server-e4s-source-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-source-rpms__7_DOT_6__x86_64'\n ],\n 'rhel_extras_sap_hana_eus_7_6': [\n 'rhel-sap-hana-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-source-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-debug-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-debug-rpms__7_DOT_6__x86_64',\n 'rhel-sap-hana-for-rhel-7-server-eus-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-rpms__7_DOT_6__x86_64',\n 'rhel-sap-hana-for-rhel-7-server-eus-source-rpms',\n 'rhel-sap-hana-for-rhel-7-server-eus-source-rpms__7_DOT_6__x86_64'\n ],\n 'rhel_tus_7_6_server': [\n 'rhel-7-server-tus-debug-rpms',\n 'rhel-7-server-tus-debug-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-tus-optional-debug-rpms',\n 'rhel-7-server-tus-optional-debug-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-tus-optional-rpms',\n 'rhel-7-server-tus-optional-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-tus-optional-source-rpms',\n 'rhel-7-server-tus-optional-source-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-tus-rpms',\n 'rhel-7-server-tus-rpms__7_DOT_6__x86_64',\n 'rhel-7-server-tus-source-rpms',\n 'rhel-7-server-tus-source-rpms__7_DOT_6__x86_64',\n 'rhel-ha-for-rhel-7-server-tus-debug-rpms',\n 'rhel-ha-for-rhel-7-server-tus-debug-rpms__7_DOT_6__x86_64',\n 'rhel-ha-for-rhel-7-server-tus-rpms',\n 'rhel-ha-for-rhel-7-server-tus-rpms__7_DOT_6__x86_64',\n 'rhel-ha-for-rhel-7-server-tus-source-rpms',\n 'rhel-ha-for-rhel-7-server-tus-source-rpms__7_DOT_6__x86_64'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'fwupdate-12-6.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'fwupdate-devel-12-6.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'fwupdate-efi-12-6.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'fwupdate-libs-12-6.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'grub2-2.02-0.86.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'grub2-common-2.02-0.86.el7_6', 'sp':'6', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'grub2-efi-aa64-modules-2.02-0.86.el7_6', 'sp':'6', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'grub2-efi-ia32-2.02-0.86.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'grub2-efi-ia32-cdboot-2.02-0.86.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'grub2-efi-ia32-modules-2.02-0.86.el7_6', 'sp':'6', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'grub2-efi-x64-2.02-0.86.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'grub2-efi-x64-cdboot-2.02-0.86.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'grub2-efi-x64-modules-2.02-0.86.el7_6', 'sp':'6', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'grub2-pc-2.02-0.86.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'grub2-pc-modules-2.02-0.86.el7_6', 'sp':'6', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'grub2-ppc-modules-2.02-0.86.el7_6', 'sp':'6', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'grub2-ppc64-modules-2.02-0.86.el7_6', 'sp':'6', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'grub2-ppc64le-modules-2.02-0.86.el7_6', 'sp':'6', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'grub2-tools-2.02-0.86.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'grub2-tools-extra-2.02-0.86.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'grub2-tools-minimal-2.02-0.86.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'mokutil-15-8.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'shim-ia32-15-8.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'shim-unsigned-ia32-15-8.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'shim-unsigned-x64-15-8.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']},\n {'reference':'shim-x64-15-8.el7_6', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_6_server', 'rhel_e4s_7_6_server', 'rhel_eus_7_6_computenode', 'rhel_eus_7_6_server', 'rhel_extras_sap_e4s_7_6', 'rhel_extras_sap_eus_7_6', 'rhel_extras_sap_hana_e4s_7_6', 'rhel_extras_sap_hana_eus_7_6', 'rhel_tus_7_6_server']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support, Extended Update Support, Telco Extended Update Support or Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'fwupdate / fwupdate-devel / fwupdate-efi / fwupdate-libs / grub2 / etc');\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-31T15:27:49", "description": "The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:3216 advisory.\n\n - grub2: Crafted grub.cfg file can lead to arbitrary code execution during boot process (CVE-2020-10713)\n\n - grub2: grub_malloc does not validate allocation size allowing for arithmetic overflow and subsequent heap- based buffer overflow (CVE-2020-14308)\n\n - grub2: Integer overflow in grub_squash_read_symlink may lead to heap-based buffer overflow (CVE-2020-14309)\n\n - grub2: Integer overflow read_section_as_string may lead to heap-based buffer overflow (CVE-2020-14310)\n\n - grub2: Integer overflow in grub_ext2_read_link leads to heap-based buffer overflow (CVE-2020-14311)\n\n - grub2: Fail kernel validation without shim protocol (CVE-2020-15705)\n\n - grub2: Use-after-free redefining a function whilst the same function is already executing (CVE-2020-15706)\n\n - grub2: Integer overflow in initrd size handling (CVE-2020-15707)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.2, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}, "published": "2021-02-01T00:00:00", "type": "nessus", "title": "CentOS 8 : grub2 (CESA-2020:3216)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10713", "CVE-2020-14308", "CVE-2020-14309", "CVE-2020-14310", "CVE-2020-14311", "CVE-2020-15705", "CVE-2020-15706", "CVE-2020-15707"], "modified": "2022-05-10T00:00:00", "cpe": ["cpe:/o:centos:centos:8", "cpe:/o:centos:centos:8-stream", "p-cpe:/a:centos:centos:grub2-common", "p-cpe:/a:centos:centos:grub2-efi-aa64", "p-cpe:/a:centos:centos:grub2-efi-aa64-cdboot", "p-cpe:/a:centos:centos:grub2-efi-aa64-modules", "p-cpe:/a:centos:centos:grub2-efi-ia32", "p-cpe:/a:centos:centos:grub2-efi-ia32-cdboot", "p-cpe:/a:centos:centos:grub2-efi-ia32-modules", "p-cpe:/a:centos:centos:grub2-efi-x64", "p-cpe:/a:centos:centos:grub2-efi-x64-cdboot", "p-cpe:/a:centos:centos:grub2-efi-x64-modules", "p-cpe:/a:centos:centos:grub2-pc", "p-cpe:/a:centos:centos:grub2-pc-modules", "p-cpe:/a:centos:centos:grub2-ppc64le", "p-cpe:/a:centos:centos:grub2-ppc64le-modules", "p-cpe:/a:centos:centos:grub2-tools", "p-cpe:/a:centos:centos:grub2-tools-efi", "p-cpe:/a:centos:centos:grub2-tools-extra", "p-cpe:/a:centos:centos:grub2-tools-minimal", "p-cpe:/a:centos:centos:shim-unsigned-x64"], "id": "CENTOS8_RHSA-2020-3216.NASL", "href": "https://www.tenable.com/plugins/nessus/146030", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2020:3216. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(146030);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/10\");\n\n script_cve_id(\n \"CVE-2020-10713\",\n \"CVE-2020-14308\",\n \"CVE-2020-14309\",\n \"CVE-2020-14310\",\n \"CVE-2020-14311\",\n \"CVE-2020-15705\",\n \"CVE-2020-15706\",\n \"CVE-2020-15707\"\n );\n script_xref(name:\"RHSA\", value:\"2020:3216\");\n\n script_name(english:\"CentOS 8 : grub2 (CESA-2020:3216)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nCESA-2020:3216 advisory.\n\n - grub2: Crafted grub.cfg file can lead to arbitrary code execution during boot process (CVE-2020-10713)\n\n - grub2: grub_malloc does not validate allocation size allowing for arithmetic overflow and subsequent heap-\n based buffer overflow (CVE-2020-14308)\n\n - grub2: Integer overflow in grub_squash_read_symlink may lead to heap-based buffer overflow\n (CVE-2020-14309)\n\n - grub2: Integer overflow read_section_as_string may lead to heap-based buffer overflow (CVE-2020-14310)\n\n - grub2: Integer overflow in grub_ext2_read_link leads to heap-based buffer overflow (CVE-2020-14311)\n\n - grub2: Fail kernel validation without shim protocol (CVE-2020-15705)\n\n - grub2: Use-after-free redefining a function whilst the same function is already executing (CVE-2020-15706)\n\n - grub2: Integer overflow in initrd size handling (CVE-2020-15707)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:3216\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14309\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-10713\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8-stream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:grub2-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:grub2-efi-aa64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:grub2-efi-aa64-cdboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:grub2-efi-aa64-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:grub2-efi-ia32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:grub2-efi-ia32-cdboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:grub2-efi-ia32-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:grub2-efi-x64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:grub2-efi-x64-cdboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:grub2-efi-x64-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:grub2-pc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:grub2-pc-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:grub2-ppc64le\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:grub2-ppc64le-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:grub2-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:grub2-tools-efi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:grub2-tools-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:grub2-tools-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:shim-unsigned-x64\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nos_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\npkgs = [\n {'reference':'grub2-common-2.02-87.el8_2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'grub2-common-2.02-87.el8_2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'grub2-efi-aa64-2.02-87.el8_2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'grub2-efi-aa64-2.02-87.el8_2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'grub2-efi-aa64-cdboot-2.02-87.el8_2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'grub2-efi-aa64-cdboot-2.02-87.el8_2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'grub2-efi-aa64-modules-2.02-87.el8_2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'grub2-efi-aa64-modules-2.02-87.el8_2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'grub2-efi-ia32-2.02-87.el8_2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'grub2-efi-ia32-2.02-87.el8_2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'grub2-efi-ia32-cdboot-2.02-87.el8_2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'grub2-efi-ia32-cdboot-2.02-87.el8_2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'grub2-efi-ia32-modules-2.02-87.el8_2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'grub2-efi-ia32-modules-2.02-87.el8_2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'grub2-efi-x64-2.02-87.el8_2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'grub2-efi-x64-2.02-87.el8_2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'grub2-efi-x64-cdboot-2.02-87.el8_2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'grub2-efi-x64-cdboot-2.02-87.el8_2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'grub2-efi-x64-modules-2.02-87.el8_2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'grub2-efi-x64-modules-2.02-87.el8_2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'grub2-pc-2.02-87.el8_2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'grub2-pc-2.02-87.el8_2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'grub2-pc-modules-2.02-87.el8_2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'grub2-pc-modules-2.02-87.el8_2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'grub2-ppc64le-2.02-87.el8_2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'grub2-ppc64le-2.02-87.el8_2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'grub2-ppc64le-modules-2.02-87.el8_2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'grub2-ppc64le-modules-2.02-87.el8_2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'grub2-tools-2.02-87.el8_2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'grub2-tools-2.02-87.el8_2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'grub2-tools-efi-2.02-87.el8_2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'grub2-tools-efi-2.02-87.el8_2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'grub2-tools-extra-2.02-87.el8_2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'grub2-tools-extra-2.02-87.el8_2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'grub2-tools-minimal-2.02-87.el8_2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'grub2-tools-minimal-2.02-87.el8_2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'shim-unsigned-x64-15-7.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'shim-unsigned-x64-15-7.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'grub2-common / grub2-efi-aa64 / grub2-efi-aa64-cdboot / etc');\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-31T16:34:51", "description": "Jesse Michael and Mickey Shkatov discovered that the configuration parser in GRUB2 did not properly exit when errors were discovered, resulting in heap-based buffer overflows. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-10713) Chris Coulson discovered that the GRUB2 function handling code did not properly handle a function being redefined, leading to a use-after-free vulnerability. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-15706) Chris Coulson discovered that multiple integer overflows existed in GRUB2 when handling certain filesystems or font files, leading to heap-based buffer overflows. A local attacker could use these to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-14309, CVE-2020-14310, CVE-2020-14311) It was discovered that the memory allocator for GRUB2 did not validate allocation size, resulting in multiple integer overflows and heap-based buffer overflows when handling certain filesystems, PNG images or disk metadata. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-14308) Mathieu Trudel-Lapierre discovered that in certain situations, GRUB2 failed to validate kernel signatures. A local attacker could use this to bypass Secure Boot restrictions.\n(CVE-2020-15705) Colin Watson and Chris Coulson discovered that an integer overflow existed in GRUB2 when handling the initrd command, leading to a heap-based buffer overflow. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-15707).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.2, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}, "published": "2020-07-30T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS / 18.04 LTS / 20.04 : GRUB 2 vulnerabilities (USN-4432-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10713", "CVE-2020-14308", "CVE-2020-14309", "CVE-2020-14310", "CVE-2020-14311", "CVE-2020-15705", "CVE-2020-15706", "CVE-2020-15707"], "modified": "2022-05-13T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:grub-efi-amd64-bin", "p-cpe:/a:canonical:ubuntu_linux:grub-efi-amd64-signed", "p-cpe:/a:canonical:ubuntu_linux:grub-efi-arm-bin", "p-cpe:/a:canonical:ubuntu_linux:grub-efi-arm64-bin", "p-cpe:/a:canonical:ubuntu_linux:grub-efi-arm64-signed", "p-cpe:/a:canonical:ubuntu_linux:grub-efi-ia32-bin", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.04"], "id": "UBUNTU_USN-4432-1.NASL", "href": "https://www.tenable.com/plugins/nessus/139179", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4432-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(139179);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/13\");\n\n script_cve_id(\"CVE-2020-10713\", \"CVE-2020-14308\", \"CVE-2020-14309\", \"CVE-2020-14310\", \"CVE-2020-14311\", \"CVE-2020-15705\", \"CVE-2020-15706\", \"CVE-2020-15707\");\n script_xref(name:\"USN\", value:\"4432-1\");\n script_xref(name:\"IAVA\", value:\"2020-A-0349\");\n\n script_name(english:\"Ubuntu 16.04 LTS / 18.04 LTS / 20.04 : GRUB 2 vulnerabilities (USN-4432-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Jesse Michael and Mickey Shkatov discovered that the configuration\nparser in GRUB2 did not properly exit when errors were discovered,\nresulting in heap-based buffer overflows. A local attacker could use\nthis to execute arbitrary code and bypass UEFI Secure Boot\nrestrictions. (CVE-2020-10713) Chris Coulson discovered that the GRUB2\nfunction handling code did not properly handle a function being\nredefined, leading to a use-after-free vulnerability. A local attacker\ncould use this to execute arbitrary code and bypass UEFI Secure Boot\nrestrictions. (CVE-2020-15706) Chris Coulson discovered that multiple\ninteger overflows existed in GRUB2 when handling certain filesystems\nor font files, leading to heap-based buffer overflows. A local\nattacker could use these to execute arbitrary code and bypass UEFI\nSecure Boot restrictions. (CVE-2020-14309, CVE-2020-14310,\nCVE-2020-14311) It was discovered that the memory allocator for GRUB2\ndid not validate allocation size, resulting in multiple integer\noverflows and heap-based buffer overflows when handling certain\nfilesystems, PNG images or disk metadata. A local attacker could use\nthis to execute arbitrary code and bypass UEFI Secure Boot\nrestrictions. (CVE-2020-14308) Mathieu Trudel-Lapierre discovered that\nin certain situations, GRUB2 failed to validate kernel signatures. A\nlocal attacker could use this to bypass Secure Boot restrictions.\n(CVE-2020-15705) Colin Watson and Chris Coulson discovered that an\ninteger overflow existed in GRUB2 when handling the initrd command,\nleading to a heap-based buffer overflow. A local attacker could use\nthis to execute arbitrary code and bypass UEFI Secure Boot\nrestrictions. (CVE-2020-15707).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4432-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14309\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:grub-efi-amd64-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:grub-efi-amd64-signed\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:grub-efi-arm-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:grub-efi-arm64-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:grub-efi-arm64-signed\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:grub-efi-ia32-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2020-2022 Canonical, Inc. / NASL script (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04|16\\.04|18\\.04|20\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04 / 16.04 / 18.04 / 20.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"grub-efi-amd64-bin\", pkgver:\"2.02~beta2-36ubuntu3.26\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"grub-efi-amd64-signed\", pkgver:\"1.66.26+2.02~beta2-36ubuntu3.26\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"grub-efi-arm-bin\", pkgver:\"2.02~beta2-36ubuntu3.26\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"grub-efi-arm64-bin\", pkgver:\"2.02~beta2-36ubuntu3.26\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"grub-efi-arm64-signed\", pkgver:\"1.66.26+2.02~beta2-36ubuntu3.26\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"grub-efi-ia32-bin\", pkgver:\"2.02~beta2-36ubuntu3.26\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"grub-efi-amd64-bin\", pkgver:\"2.02-2ubuntu8.16\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"grub-efi-amd64-signed\", pkgver:\"1.93.18+2.02-2ubuntu8.16\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"grub-efi-arm-bin\", pkgver:\"2.02-2ubuntu8.16\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"grub-efi-arm64-bin\", pkgver:\"2.02-2ubuntu8.16\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"grub-efi-arm64-signed\", pkgver:\"1.93.18+2.02-2ubuntu8.16\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"grub-efi-ia32-bin\", pkgver:\"2.02-2ubuntu8.16\")) flag++;\nif (ubuntu_check(osver:\"20.04\", pkgname:\"grub-efi-amd64-bin\", pkgver:\"2.04-1ubuntu26.1\")) flag++;\nif (ubuntu_check(osver:\"20.04\", pkgname:\"grub-efi-amd64-signed\", pkgver:\"1.142.3+2.04-1ubuntu26.1\")) flag++;\nif (ubuntu_check(osver:\"20.04\", pkgname:\"grub-efi-arm-bin\", pkgver:\"2.04-1ubuntu26.1\")) flag++;\nif (ubuntu_check(osver:\"20.04\", pkgname:\"grub-efi-arm64-bin\", pkgver:\"2.04-1ubuntu26.1\")) flag++;\nif (ubuntu_check(osver:\"20.04\", pkgname:\"grub-efi-arm64-signed\", pkgver:\"1.142.3+2.04-1ubuntu26.1\")) flag++;\nif (ubuntu_check(osver:\"20.04\", pkgname:\"grub-efi-ia32-bin\", pkgver:\"2.04-1ubuntu26.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"grub-efi-amd64-bin / grub-efi-amd64-signed / grub-efi-arm-bin / etc\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-31T16:35:58", "description": "Description of changes:\n\n[2.02-82.0.2.el8_2.1]\n- Fix CVE-2020-10713, CVE-2020-14308, CVE-2020-14309, CVE-2020-14310, CVE-2020-14311, CVE-2020-15705, CVE-2020-15706, CVE-2020-15707 [Orabug: 31225072]\n- Update signing certificate for efi binaries", "cvss3": {"score": 8.2, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}, "published": "2020-07-30T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : grub2 (ELSA-2020-5786)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10713", "CVE-2020-14308", "CVE-2020-14309", "CVE-2020-14310", "CVE-2020-14311", "CVE-2020-15705", "CVE-2020-15706", "CVE-2020-15707"], "modified": "2022-05-12T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:grub2-common", "p-cpe:/a:oracle:linux:grub2-efi-aa64-modules", "p-cpe:/a:oracle:linux:grub2-efi-ia32", "p-cpe:/a:oracle:linux:grub2-efi-ia32-cdboot", "p-cpe:/a:oracle:linux:grub2-efi-ia32-modules", "p-cpe:/a:oracle:linux:grub2-efi-x64", "p-cpe:/a:oracle:linux:grub2-efi-x64-cdboot", "p-cpe:/a:oracle:linux:grub2-efi-x64-modules", "p-cpe:/a:oracle:linux:grub2-pc", "p-cpe:/a:oracle:linux:grub2-pc-modules", "p-cpe:/a:oracle:linux:grub2-tools", "p-cpe:/a:oracle:linux:grub2-tools-efi", "p-cpe:/a:oracle:linux:grub2-tools-extra", "p-cpe:/a:oracle:linux:grub2-tools-minimal", "cpe:/o:oracle:linux:8"], "id": "ORACLELINUX_ELSA-2020-5786.NASL", "href": "https://www.tenable.com/plugins/nessus/139165", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2020-5786.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(139165);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\n \"CVE-2020-10713\",\n \"CVE-2020-14308\",\n \"CVE-2020-14309\",\n \"CVE-2020-14310\",\n \"CVE-2020-14311\",\n \"CVE-2020-15705\",\n \"CVE-2020-15706\",\n \"CVE-2020-15707\"\n );\n script_xref(name:\"IAVA\", value:\"2020-A-0349\");\n\n script_name(english:\"Oracle Linux 8 : grub2 (ELSA-2020-5786)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"Description of changes:\n\n[2.02-82.0.2.el8_2.1]\n- Fix CVE-2020-10713, CVE-2020-14308, CVE-2020-14309, CVE-2020-14310, \nCVE-2020-14311,\nCVE-2020-15705, CVE-2020-15706, CVE-2020-15707 [Orabug: 31225072]\n- Update signing certificate for efi binaries\");\n script_set_attribute(attribute:\"see_also\", value:\"https://oss.oracle.com/pipermail/el-errata/2020-July/010174.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected grub2 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14309\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-10713\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:grub2-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:grub2-efi-aa64-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:grub2-efi-ia32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:grub2-efi-ia32-cdboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:grub2-efi-ia32-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:grub2-efi-x64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:grub2-efi-x64-cdboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:grub2-efi-x64-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:grub2-pc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:grub2-pc-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:grub2-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:grub2-tools-efi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:grub2-tools-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:grub2-tools-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 8\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"grub2-common-2.02-82.0.2.el8_2.1\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"grub2-efi-aa64-modules-2.02-82.0.2.el8_2.1\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"grub2-efi-ia32-2.02-82.0.2.el8_2.1\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"grub2-efi-ia32-cdboot-2.02-82.0.2.el8_2.1\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"grub2-efi-ia32-modules-2.02-82.0.2.el8_2.1\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"grub2-efi-x64-2.02-82.0.2.el8_2.1\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"grub2-efi-x64-cdboot-2.02-82.0.2.el8_2.1\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"grub2-efi-x64-modules-2.02-82.0.2.el8_2.1\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"grub2-pc-2.02-82.0.2.el8_2.1\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"grub2-pc-modules-2.02-82.0.2.el8_2.1\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"grub2-tools-2.02-82.0.2.el8_2.1\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"grub2-tools-efi-2.02-82.0.2.el8_2.1\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"grub2-tools-extra-2.02-82.0.2.el8_2.1\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"grub2-tools-minimal-2.02-82.0.2.el8_2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"grub2-common / grub2-efi-aa64-modules / grub2-efi-ia32 / etc\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-31T16:36:54", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3275 advisory.\n\n - grub2: Crafted grub.cfg file can lead to arbitrary code execution during boot process (CVE-2020-10713)\n\n - grub2: grub_malloc does not validate allocation size allowing for arithmetic overflow and subsequent heap- based buffer overflow (CVE-2020-14308)\n\n - grub2: Integer overflow in grub_squash_read_symlink may lead to heap-based buffer overflow (CVE-2020-14309)\n\n - grub2: Integer overflow read_section_as_string may lead to heap-based buffer overflow (CVE-2020-14310)\n\n - grub2: Integer overflow in grub_ext2_read_link leads to heap-based buffer overflow (CVE-2020-14311)\n\n - grub2: Fail kernel validation without shim protocol (CVE-2020-15705)\n\n - grub2: Use-after-free redefining a function whilst the same function is already executing (CVE-2020-15706)\n\n - grub2: Integer overflow in initrd size handling (CVE-2020-15707)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.2, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}, "published": "2020-08-03T00:00:00", "type": "nessus", "title": "RHEL 7 : grub2 (RHSA-2020:3275)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10713", "CVE-2020-14308", "CVE-2020-14309", "CVE-2020-14310", "CVE-2020-14311", "CVE-2020-15705", "CVE-2020-15706", "CVE-2020-15707"], "modified": "2022-05-12T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:7.4", "cpe:/o:redhat:rhel_e4s:7.4", "cpe:/o:redhat:rhel_tus:7.4", "p-cpe:/a:redhat:enterprise_linux:fwupdate", "p-cpe:/a:redhat:enterprise_linux:fwupdate-devel", "p-cpe:/a:redhat:enterprise_linux:fwupdate-efi", "p-cpe:/a:redhat:enterprise_linux:fwupdate-libs", "p-cpe:/a:redhat:enterprise_linux:grub2", "p-cpe:/a:redhat:enterprise_linux:grub2-common", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-aa64-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32-cdboot", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64-cdboot", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-pc", "p-cpe:/a:redhat:enterprise_linux:grub2-pc-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-ppc-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-ppc64-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-ppc64le-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-tools", "p-cpe:/a:redhat:enterprise_linux:grub2-tools-extra", "p-cpe:/a:redhat:enterprise_linux:grub2-tools-minimal", "p-cpe:/a:redhat:enterprise_linux:mokutil", "p-cpe:/a:redhat:enterprise_linux:shim-ia32", "p-cpe:/a:redhat:enterprise_linux:shim-unsigned-ia32", "p-cpe:/a:redhat:enterprise_linux:shim-unsigned-x64", "p-cpe:/a:redhat:enterprise_linux:shim-x64"], "id": "REDHAT-RHSA-2020-3275.NASL", "href": "https://www.tenable.com/plugins/nessus/139283", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:3275. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(139283);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\n \"CVE-2020-10713\",\n \"CVE-2020-14308\",\n \"CVE-2020-14309\",\n \"CVE-2020-14310\",\n \"CVE-2020-14311\",\n \"CVE-2020-15705\",\n \"CVE-2020-15706\",\n \"CVE-2020-15707\"\n );\n script_xref(name:\"RHSA\", value:\"2020:3275\");\n script_xref(name:\"IAVA\", value:\"2020-A-0349\");\n\n script_name(english:\"RHEL 7 : grub2 (RHSA-2020:3275)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:3275 advisory.\n\n - grub2: Crafted grub.cfg file can lead to arbitrary code execution during boot process (CVE-2020-10713)\n\n - grub2: grub_malloc does not validate allocation size allowing for arithmetic overflow and subsequent heap-\n based buffer overflow (CVE-2020-14308)\n\n - grub2: Integer overflow in grub_squash_read_symlink may lead to heap-based buffer overflow\n (CVE-2020-14309)\n\n - grub2: Integer overflow read_section_as_string may lead to heap-based buffer overflow (CVE-2020-14310)\n\n - grub2: Integer overflow in grub_ext2_read_link leads to heap-based buffer overflow (CVE-2020-14311)\n\n - grub2: Fail kernel validation without shim protocol (CVE-2020-15705)\n\n - grub2: Use-after-free redefining a function whilst the same function is already executing (CVE-2020-15706)\n\n - grub2: Integer overflow in initrd size handling (CVE-2020-15707)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/78.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/122.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/190.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/416.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/440.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/787.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-10713\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-14308\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-14309\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-14310\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-14311\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-15705\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-15706\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-15707\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:3275\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1825243\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1852009\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1852014\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1852022\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1852030\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1860978\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1861118\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1861581\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14309\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-10713\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(78, 122, 190, 416, 440, 787);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:fwupdate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:fwupdate-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:fwupdate-efi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:fwupdate-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-aa64-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32-cdboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64-cdboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-pc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-pc-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-ppc-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-ppc64-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-ppc64le-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-tools-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-tools-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mokutil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:shim-ia32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:shim-unsigned-ia32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:shim-unsigned-x64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:shim-x64\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '7.4')) audit(AUDIT_OS_NOT, 'Red Hat 7.4', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'rhel_aus_7_4_server': [\n 'rhel-7-server-aus-debug-rpms',\n 'rhel-7-server-aus-debug-rpms__7_DOT_4__x86_64',\n 'rhel-7-server-aus-optional-debug-rpms',\n 'rhel-7-server-aus-optional-debug-rpms__7_DOT_4__x86_64',\n 'rhel-7-server-aus-optional-rpms',\n 'rhel-7-server-aus-optional-rpms__7_DOT_4__x86_64',\n 'rhel-7-server-aus-optional-source-rpms',\n 'rhel-7-server-aus-optional-source-rpms__7_DOT_4__x86_64',\n 'rhel-7-server-aus-rpms',\n 'rhel-7-server-aus-rpms__7_DOT_4__x86_64',\n 'rhel-7-server-aus-source-rpms',\n 'rhel-7-server-aus-source-rpms__7_DOT_4__x86_64'\n ],\n 'rhel_e4s_7_4_server': [\n 'rhel-7-server-aus-debug-rpms',\n 'rhel-7-server-aus-optional-debug-rpms',\n 'rhel-7-server-aus-optional-rpms',\n 'rhel-7-server-aus-optional-source-rpms',\n 'rhel-7-server-aus-rpms',\n 'rhel-7-server-aus-source-rpms',\n 'rhel-7-server-e4s-debug-rpms',\n 'rhel-7-server-e4s-debug-rpms__7_DOT_4__x86_64',\n 'rhel-7-server-e4s-optional-debug-rpms',\n 'rhel-7-server-e4s-optional-debug-rpms__7_DOT_4__x86_64',\n 'rhel-7-server-e4s-optional-rpms',\n 'rhel-7-server-e4s-optional-rpms__7_DOT_4__x86_64',\n 'rhel-7-server-e4s-optional-source-rpms',\n 'rhel-7-server-e4s-optional-source-rpms__7_DOT_4__x86_64',\n 'rhel-7-server-e4s-rpms',\n 'rhel-7-server-e4s-rpms__7_DOT_4__x86_64',\n 'rhel-7-server-e4s-source-rpms',\n 'rhel-7-server-e4s-source-rpms__7_DOT_4__x86_64',\n 'rhel-7-server-tus-debug-rpms',\n 'rhel-7-server-tus-optional-debug-rpms',\n 'rhel-7-server-tus-optional-rpms',\n 'rhel-7-server-tus-optional-source-rpms',\n 'rhel-7-server-tus-rpms',\n 'rhel-7-server-tus-source-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-debug-rpms__7_DOT_4__x86_64',\n 'rhel-ha-for-rhel-7-server-e4s-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-rpms__7_DOT_4__x86_64',\n 'rhel-ha-for-rhel-7-server-e4s-source-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-source-rpms__7_DOT_4__x86_64'\n ],\n 'rhel_extras_sap_e4s_7_4': [\n 'rhel-sap-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-debug-rpms__7_DOT_4__x86_64',\n 'rhel-sap-for-rhel-7-server-e4s-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-rpms__7_DOT_4__x86_64',\n 'rhel-sap-for-rhel-7-server-e4s-source-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-source-rpms__7_DOT_4__x86_64'\n ],\n 'rhel_extras_sap_hana_e4s_7_4': [\n 'rhel-sap-hana-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-debug-rpms__7_DOT_4__x86_64',\n 'rhel-sap-hana-for-rhel-7-server-e4s-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-rpms__7_DOT_4__x86_64',\n 'rhel-sap-hana-for-rhel-7-server-e4s-source-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-source-rpms__7_DOT_4__x86_64'\n ],\n 'rhel_tus_7_4_server': [\n 'rhel-7-server-tus-debug-rpms',\n 'rhel-7-server-tus-debug-rpms__7_DOT_4__x86_64',\n 'rhel-7-server-tus-optional-debug-rpms',\n 'rhel-7-server-tus-optional-debug-rpms__7_DOT_4__x86_64',\n 'rhel-7-server-tus-optional-rpms',\n 'rhel-7-server-tus-optional-rpms__7_DOT_4__x86_64',\n 'rhel-7-server-tus-optional-source-rpms',\n 'rhel-7-server-tus-optional-source-rpms__7_DOT_4__x86_64',\n 'rhel-7-server-tus-rpms',\n 'rhel-7-server-tus-rpms__7_DOT_4__x86_64',\n 'rhel-7-server-tus-source-rpms',\n 'rhel-7-server-tus-source-rpms__7_DOT_4__x86_64'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'fwupdate-9-10.el7_4', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_4_server', 'rhel_e4s_7_4_server', 'rhel_extras_sap_e4s_7_4', 'rhel_extras_sap_hana_e4s_7_4', 'rhel_tus_7_4_server']},\n {'reference':'fwupdate-devel-9-10.el7_4', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_4_server', 'rhel_e4s_7_4_server', 'rhel_extras_sap_e4s_7_4', 'rhel_extras_sap_hana_e4s_7_4', 'rhel_tus_7_4_server']},\n {'reference':'fwupdate-efi-9-10.el7_4', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_4_server', 'rhel_e4s_7_4_server', 'rhel_extras_sap_e4s_7_4', 'rhel_extras_sap_hana_e4s_7_4', 'rhel_tus_7_4_server']},\n {'reference':'fwupdate-libs-9-10.el7_4', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_4_server', 'rhel_e4s_7_4_server', 'rhel_extras_sap_e4s_7_4', 'rhel_extras_sap_hana_e4s_7_4', 'rhel_tus_7_4_server']},\n {'reference':'grub2-2.02-0.86.el7_4', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_4_server', 'rhel_e4s_7_4_server', 'rhel_extras_sap_e4s_7_4', 'rhel_extras_sap_hana_e4s_7_4', 'rhel_tus_7_4_server']},\n {'reference':'grub2-common-2.02-0.86.el7_4', 'sp':'4', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_4_server', 'rhel_e4s_7_4_server', 'rhel_extras_sap_e4s_7_4', 'rhel_extras_sap_hana_e4s_7_4', 'rhel_tus_7_4_server']},\n {'reference':'grub2-efi-aa64-modules-2.02-0.86.el7_4', 'sp':'4', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_4_server', 'rhel_e4s_7_4_server', 'rhel_extras_sap_e4s_7_4', 'rhel_extras_sap_hana_e4s_7_4', 'rhel_tus_7_4_server']},\n {'reference':'grub2-efi-ia32-2.02-0.86.el7_4', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_4_server', 'rhel_e4s_7_4_server', 'rhel_extras_sap_e4s_7_4', 'rhel_extras_sap_hana_e4s_7_4', 'rhel_tus_7_4_server']},\n {'reference':'grub2-efi-ia32-cdboot-2.02-0.86.el7_4', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_4_server', 'rhel_e4s_7_4_server', 'rhel_extras_sap_e4s_7_4', 'rhel_extras_sap_hana_e4s_7_4', 'rhel_tus_7_4_server']},\n {'reference':'grub2-efi-ia32-modules-2.02-0.86.el7_4', 'sp':'4', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_4_server', 'rhel_e4s_7_4_server', 'rhel_extras_sap_e4s_7_4', 'rhel_extras_sap_hana_e4s_7_4', 'rhel_tus_7_4_server']},\n {'reference':'grub2-efi-x64-2.02-0.86.el7_4', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_4_server', 'rhel_e4s_7_4_server', 'rhel_extras_sap_e4s_7_4', 'rhel_extras_sap_hana_e4s_7_4', 'rhel_tus_7_4_server']},\n {'reference':'grub2-efi-x64-cdboot-2.02-0.86.el7_4', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_4_server', 'rhel_e4s_7_4_server', 'rhel_extras_sap_e4s_7_4', 'rhel_extras_sap_hana_e4s_7_4', 'rhel_tus_7_4_server']},\n {'reference':'grub2-efi-x64-modules-2.02-0.86.el7_4', 'sp':'4', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_4_server', 'rhel_e4s_7_4_server', 'rhel_extras_sap_e4s_7_4', 'rhel_extras_sap_hana_e4s_7_4', 'rhel_tus_7_4_server']},\n {'reference':'grub2-pc-2.02-0.86.el7_4', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_4_server', 'rhel_e4s_7_4_server', 'rhel_extras_sap_e4s_7_4', 'rhel_extras_sap_hana_e4s_7_4', 'rhel_tus_7_4_server']},\n {'reference':'grub2-pc-modules-2.02-0.86.el7_4', 'sp':'4', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_4_server', 'rhel_e4s_7_4_server', 'rhel_extras_sap_e4s_7_4', 'rhel_extras_sap_hana_e4s_7_4', 'rhel_tus_7_4_server']},\n {'reference':'grub2-ppc-modules-2.02-0.86.el7_4', 'sp':'4', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_4_server', 'rhel_e4s_7_4_server', 'rhel_extras_sap_e4s_7_4', 'rhel_extras_sap_hana_e4s_7_4', 'rhel_tus_7_4_server']},\n {'reference':'grub2-ppc64-modules-2.02-0.86.el7_4', 'sp':'4', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_4_server', 'rhel_e4s_7_4_server', 'rhel_extras_sap_e4s_7_4', 'rhel_extras_sap_hana_e4s_7_4', 'rhel_tus_7_4_server']},\n {'reference':'grub2-ppc64le-modules-2.02-0.86.el7_4', 'sp':'4', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_4_server', 'rhel_e4s_7_4_server', 'rhel_extras_sap_e4s_7_4', 'rhel_extras_sap_hana_e4s_7_4', 'rhel_tus_7_4_server']},\n {'reference':'grub2-tools-2.02-0.86.el7_4', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_4_server', 'rhel_e4s_7_4_server', 'rhel_extras_sap_e4s_7_4', 'rhel_extras_sap_hana_e4s_7_4', 'rhel_tus_7_4_server']},\n {'reference':'grub2-tools-extra-2.02-0.86.el7_4', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_4_server', 'rhel_e4s_7_4_server', 'rhel_extras_sap_e4s_7_4', 'rhel_extras_sap_hana_e4s_7_4', 'rhel_tus_7_4_server']},\n {'reference':'grub2-tools-minimal-2.02-0.86.el7_4', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_4_server', 'rhel_e4s_7_4_server', 'rhel_extras_sap_e4s_7_4', 'rhel_extras_sap_hana_e4s_7_4', 'rhel_tus_7_4_server']},\n {'reference':'mokutil-15-8.el7_4', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_4_server', 'rhel_e4s_7_4_server', 'rhel_extras_sap_e4s_7_4', 'rhel_extras_sap_hana_e4s_7_4', 'rhel_tus_7_4_server']},\n {'reference':'shim-ia32-15-8.el7_4', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_4_server', 'rhel_e4s_7_4_server', 'rhel_extras_sap_e4s_7_4', 'rhel_extras_sap_hana_e4s_7_4', 'rhel_tus_7_4_server']},\n {'reference':'shim-unsigned-ia32-15-8.el7', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_4_server', 'rhel_e4s_7_4_server', 'rhel_extras_sap_e4s_7_4', 'rhel_extras_sap_hana_e4s_7_4', 'rhel_tus_7_4_server']},\n {'reference':'shim-unsigned-x64-15-8.el7', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_4_server', 'rhel_e4s_7_4_server', 'rhel_extras_sap_e4s_7_4', 'rhel_extras_sap_hana_e4s_7_4', 'rhel_tus_7_4_server']},\n {'reference':'shim-x64-15-8.el7_4', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_4_server', 'rhel_e4s_7_4_server', 'rhel_extras_sap_e4s_7_4', 'rhel_extras_sap_hana_e4s_7_4', 'rhel_tus_7_4_server']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support, Telco Extended Update Support or Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'fwupdate / fwupdate-devel / fwupdate-efi / fwupdate-libs / grub2 / etc');\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-01T17:16:50", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3276 advisory.\n\n - grub2: Crafted grub.cfg file can lead to arbitrary code execution during boot process (CVE-2020-10713)\n\n - grub2: grub_malloc does not validate allocation size allowing for arithmetic overflow and subsequent heap- based buffer overflow (CVE-2020-14308)\n\n - grub2: Integer overflow in grub_squash_read_symlink may lead to heap-based buffer overflow (CVE-2020-14309)\n\n - grub2: Integer overflow read_section_as_string may lead to heap-based buffer overflow (CVE-2020-14310)\n\n - grub2: Integer overflow in grub_ext2_read_link leads to heap-based buffer overflow (CVE-2020-14311)\n\n - grub2: Fail kernel validation without shim protocol (CVE-2020-15705)\n\n - grub2: Use-after-free redefining a function whilst the same function is already executing (CVE-2020-15706)\n\n - grub2: Integer overflow in initrd size handling (CVE-2020-15707)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.2, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}, "published": "2020-08-03T00:00:00", "type": "nessus", "title": "RHEL 7 : grub2 (RHSA-2020:3276)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10713", "CVE-2020-14308", "CVE-2020-14309", "CVE-2020-14310", "CVE-2020-14311", "CVE-2020-15705", "CVE-2020-15706", "CVE-2020-15707"], "modified": "2022-05-12T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:7.3", "cpe:/o:redhat:rhel_e4s:7.3", "cpe:/o:redhat:rhel_tus:7.3", "p-cpe:/a:redhat:enterprise_linux:grub2", "p-cpe:/a:redhat:enterprise_linux:grub2-common", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-aa64-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32-cdboot", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64-cdboot", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-pc", "p-cpe:/a:redhat:enterprise_linux:grub2-pc-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-ppc-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-ppc64-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-ppc64le-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-tools", "p-cpe:/a:redhat:enterprise_linux:grub2-tools-extra", "p-cpe:/a:redhat:enterprise_linux:grub2-tools-minimal", "p-cpe:/a:redhat:enterprise_linux:mokutil", "p-cpe:/a:redhat:enterprise_linux:shim", "p-cpe:/a:redhat:enterprise_linux:shim-unsigned-ia32", "p-cpe:/a:redhat:enterprise_linux:shim-unsigned-x64"], "id": "REDHAT-RHSA-2020-3276.NASL", "href": "https://www.tenable.com/plugins/nessus/139287", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:3276. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(139287);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\n \"CVE-2020-10713\",\n \"CVE-2020-14308\",\n \"CVE-2020-14309\",\n \"CVE-2020-14310\",\n \"CVE-2020-14311\",\n \"CVE-2020-15705\",\n \"CVE-2020-15706\",\n \"CVE-2020-15707\"\n );\n script_xref(name:\"RHSA\", value:\"2020:3276\");\n script_xref(name:\"IAVA\", value:\"2020-A-0349\");\n\n script_name(english:\"RHEL 7 : grub2 (RHSA-2020:3276)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:3276 advisory.\n\n - grub2: Crafted grub.cfg file can lead to arbitrary code execution during boot process (CVE-2020-10713)\n\n - grub2: grub_malloc does not validate allocation size allowing for arithmetic overflow and subsequent heap-\n based buffer overflow (CVE-2020-14308)\n\n - grub2: Integer overflow in grub_squash_read_symlink may lead to heap-based buffer overflow\n (CVE-2020-14309)\n\n - grub2: Integer overflow read_section_as_string may lead to heap-based buffer overflow (CVE-2020-14310)\n\n - grub2: Integer overflow in grub_ext2_read_link leads to heap-based buffer overflow (CVE-2020-14311)\n\n - grub2: Fail kernel validation without shim protocol (CVE-2020-15705)\n\n - grub2: Use-after-free redefining a function whilst the same function is already executing (CVE-2020-15706)\n\n - grub2: Integer overflow in initrd size handling (CVE-2020-15707)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/78.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/122.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/190.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/416.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/440.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/787.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-10713\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-14308\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-14309\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-14310\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-14311\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-15705\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-15706\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-15707\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:3276\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1825243\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1852009\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1852014\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1852022\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1852030\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1860978\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1861118\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1861581\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14309\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-10713\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(78, 122, 190, 416, 440, 787);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-aa64-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32-cdboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64-cdboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-pc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-pc-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-ppc-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-ppc64-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-ppc64le-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-tools-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-tools-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mokutil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:shim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:shim-unsigned-ia32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:shim-unsigned-x64\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '7.3')) audit(AUDIT_OS_NOT, 'Red Hat 7.3', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'rhel_aus_7_3_server': [\n 'rhel-7-server-aus-debug-rpms',\n 'rhel-7-server-aus-debug-rpms__7_DOT_3__x86_64',\n 'rhel-7-server-aus-optional-debug-rpms',\n 'rhel-7-server-aus-optional-debug-rpms__7_DOT_3__x86_64',\n 'rhel-7-server-aus-optional-rpms',\n 'rhel-7-server-aus-optional-rpms__7_DOT_3__x86_64',\n 'rhel-7-server-aus-optional-source-rpms',\n 'rhel-7-server-aus-optional-source-rpms__7_DOT_3__x86_64',\n 'rhel-7-server-aus-rpms',\n 'rhel-7-server-aus-rpms__7_DOT_3__x86_64',\n 'rhel-7-server-aus-source-rpms',\n 'rhel-7-server-aus-source-rpms__7_DOT_3__x86_64'\n ],\n 'rhel_e4s_7_3_server': [\n 'rhel-7-server-aus-debug-rpms',\n 'rhel-7-server-aus-optional-debug-rpms',\n 'rhel-7-server-aus-optional-rpms',\n 'rhel-7-server-aus-optional-source-rpms',\n 'rhel-7-server-aus-rpms',\n 'rhel-7-server-aus-source-rpms',\n 'rhel-7-server-e4s-debug-rpms',\n 'rhel-7-server-e4s-debug-rpms__7_DOT_3__x86_64',\n 'rhel-7-server-e4s-optional-debug-rpms',\n 'rhel-7-server-e4s-optional-debug-rpms__7_DOT_3__x86_64',\n 'rhel-7-server-e4s-optional-rpms',\n 'rhel-7-server-e4s-optional-rpms__7_DOT_3__x86_64',\n 'rhel-7-server-e4s-optional-source-rpms',\n 'rhel-7-server-e4s-optional-source-rpms__7_DOT_3__x86_64',\n 'rhel-7-server-e4s-rpms',\n 'rhel-7-server-e4s-rpms__7_DOT_3__x86_64',\n 'rhel-7-server-e4s-source-rpms',\n 'rhel-7-server-e4s-source-rpms__7_DOT_3__x86_64',\n 'rhel-7-server-tus-debug-rpms',\n 'rhel-7-server-tus-optional-debug-rpms',\n 'rhel-7-server-tus-optional-rpms',\n 'rhel-7-server-tus-optional-source-rpms',\n 'rhel-7-server-tus-rpms',\n 'rhel-7-server-tus-source-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-debug-rpms__7_DOT_3__x86_64',\n 'rhel-ha-for-rhel-7-server-e4s-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-rpms__7_DOT_3__x86_64',\n 'rhel-ha-for-rhel-7-server-e4s-source-rpms',\n 'rhel-ha-for-rhel-7-server-e4s-source-rpms__7_DOT_3__x86_64'\n ],\n 'rhel_extras_sap_e4s_7_3': [\n 'rhel-sap-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-debug-rpms__7_DOT_3__x86_64',\n 'rhel-sap-for-rhel-7-server-e4s-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-rpms__7_DOT_3__x86_64',\n 'rhel-sap-for-rhel-7-server-e4s-source-rpms',\n 'rhel-sap-for-rhel-7-server-e4s-source-rpms__7_DOT_3__x86_64'\n ],\n 'rhel_extras_sap_hana_e4s_7_3': [\n 'rhel-sap-hana-for-rhel-7-server-e4s-debug-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-debug-rpms__7_DOT_3__x86_64',\n 'rhel-sap-hana-for-rhel-7-server-e4s-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-rpms__7_DOT_3__x86_64',\n 'rhel-sap-hana-for-rhel-7-server-e4s-source-rpms',\n 'rhel-sap-hana-for-rhel-7-server-e4s-source-rpms__7_DOT_3__x86_64'\n ],\n 'rhel_tus_7_3_server': [\n 'rhel-7-server-tus-debug-rpms',\n 'rhel-7-server-tus-debug-rpms__7_DOT_3__x86_64',\n 'rhel-7-server-tus-optional-debug-rpms',\n 'rhel-7-server-tus-optional-debug-rpms__7_DOT_3__x86_64',\n 'rhel-7-server-tus-optional-rpms',\n 'rhel-7-server-tus-optional-rpms__7_DOT_3__x86_64',\n 'rhel-7-server-tus-optional-source-rpms',\n 'rhel-7-server-tus-optional-source-rpms__7_DOT_3__x86_64',\n 'rhel-7-server-tus-rpms',\n 'rhel-7-server-tus-rpms__7_DOT_3__x86_64',\n 'rhel-7-server-tus-source-rpms',\n 'rhel-7-server-tus-source-rpms__7_DOT_3__x86_64'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'grub2-2.02-0.86.el7', 'sp':'3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_3_server', 'rhel_e4s_7_3_server', 'rhel_extras_sap_e4s_7_3', 'rhel_extras_sap_hana_e4s_7_3', 'rhel_tus_7_3_server']},\n {'reference':'grub2-common-2.02-0.86.el7', 'sp':'3', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_3_server', 'rhel_e4s_7_3_server', 'rhel_extras_sap_e4s_7_3', 'rhel_extras_sap_hana_e4s_7_3', 'rhel_tus_7_3_server']},\n {'reference':'grub2-efi-aa64-modules-2.02-0.86.el7', 'sp':'3', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_3_server', 'rhel_e4s_7_3_server', 'rhel_extras_sap_e4s_7_3', 'rhel_extras_sap_hana_e4s_7_3', 'rhel_tus_7_3_server']},\n {'reference':'grub2-efi-ia32-2.02-0.86.el7', 'sp':'3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_3_server', 'rhel_e4s_7_3_server', 'rhel_extras_sap_e4s_7_3', 'rhel_extras_sap_hana_e4s_7_3', 'rhel_tus_7_3_server']},\n {'reference':'grub2-efi-ia32-cdboot-2.02-0.86.el7', 'sp':'3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_3_server', 'rhel_e4s_7_3_server', 'rhel_extras_sap_e4s_7_3', 'rhel_extras_sap_hana_e4s_7_3', 'rhel_tus_7_3_server']},\n {'reference':'grub2-efi-ia32-modules-2.02-0.86.el7', 'sp':'3', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_3_server', 'rhel_e4s_7_3_server', 'rhel_extras_sap_e4s_7_3', 'rhel_extras_sap_hana_e4s_7_3', 'rhel_tus_7_3_server']},\n {'reference':'grub2-efi-x64-2.02-0.86.el7', 'sp':'3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_3_server', 'rhel_e4s_7_3_server', 'rhel_extras_sap_e4s_7_3', 'rhel_extras_sap_hana_e4s_7_3', 'rhel_tus_7_3_server']},\n {'reference':'grub2-efi-x64-cdboot-2.02-0.86.el7', 'sp':'3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_3_server', 'rhel_e4s_7_3_server', 'rhel_extras_sap_e4s_7_3', 'rhel_extras_sap_hana_e4s_7_3', 'rhel_tus_7_3_server']},\n {'reference':'grub2-efi-x64-modules-2.02-0.86.el7', 'sp':'3', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_3_server', 'rhel_e4s_7_3_server', 'rhel_extras_sap_e4s_7_3', 'rhel_extras_sap_hana_e4s_7_3', 'rhel_tus_7_3_server']},\n {'reference':'grub2-pc-2.02-0.86.el7', 'sp':'3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_3_server', 'rhel_e4s_7_3_server', 'rhel_extras_sap_e4s_7_3', 'rhel_extras_sap_hana_e4s_7_3', 'rhel_tus_7_3_server']},\n {'reference':'grub2-pc-modules-2.02-0.86.el7', 'sp':'3', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_3_server', 'rhel_e4s_7_3_server', 'rhel_extras_sap_e4s_7_3', 'rhel_extras_sap_hana_e4s_7_3', 'rhel_tus_7_3_server']},\n {'reference':'grub2-ppc-modules-2.02-0.86.el7', 'sp':'3', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_3_server', 'rhel_e4s_7_3_server', 'rhel_extras_sap_e4s_7_3', 'rhel_extras_sap_hana_e4s_7_3', 'rhel_tus_7_3_server']},\n {'reference':'grub2-ppc64-modules-2.02-0.86.el7', 'sp':'3', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_3_server', 'rhel_e4s_7_3_server', 'rhel_extras_sap_e4s_7_3', 'rhel_extras_sap_hana_e4s_7_3', 'rhel_tus_7_3_server']},\n {'reference':'grub2-ppc64le-modules-2.02-0.86.el7', 'sp':'3', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_3_server', 'rhel_e4s_7_3_server', 'rhel_extras_sap_e4s_7_3', 'rhel_extras_sap_hana_e4s_7_3', 'rhel_tus_7_3_server']},\n {'reference':'grub2-tools-2.02-0.86.el7', 'sp':'3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_3_server', 'rhel_e4s_7_3_server', 'rhel_extras_sap_e4s_7_3', 'rhel_extras_sap_hana_e4s_7_3', 'rhel_tus_7_3_server']},\n {'reference':'grub2-tools-extra-2.02-0.86.el7', 'sp':'3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_3_server', 'rhel_e4s_7_3_server', 'rhel_extras_sap_e4s_7_3', 'rhel_extras_sap_hana_e4s_7_3', 'rhel_tus_7_3_server']},\n {'reference':'grub2-tools-minimal-2.02-0.86.el7', 'sp':'3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_3_server', 'rhel_e4s_7_3_server', 'rhel_extras_sap_e4s_7_3', 'rhel_extras_sap_hana_e4s_7_3', 'rhel_tus_7_3_server']},\n {'reference':'mokutil-15-8.el7_3', 'sp':'3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_3_server', 'rhel_e4s_7_3_server', 'rhel_extras_sap_e4s_7_3', 'rhel_extras_sap_hana_e4s_7_3', 'rhel_tus_7_3_server']},\n {'reference':'shim-15-8.el7_3', 'sp':'3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_3_server', 'rhel_e4s_7_3_server', 'rhel_extras_sap_e4s_7_3', 'rhel_extras_sap_hana_e4s_7_3', 'rhel_tus_7_3_server']},\n {'reference':'shim-unsigned-ia32-15-8.el7', 'sp':'3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_3_server', 'rhel_e4s_7_3_server', 'rhel_extras_sap_e4s_7_3', 'rhel_extras_sap_hana_e4s_7_3', 'rhel_tus_7_3_server']},\n {'reference':'shim-unsigned-x64-15-8.el7', 'sp':'3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_3_server', 'rhel_e4s_7_3_server', 'rhel_extras_sap_e4s_7_3', 'rhel_extras_sap_hana_e4s_7_3', 'rhel_tus_7_3_server']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support, Telco Extended Update Support or Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'grub2 / grub2-common / grub2-efi-aa64-modules / grub2-efi-ia32 / etc');\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-31T16:35:58", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3223 advisory.\n\n - grub2: Crafted grub.cfg file can lead to arbitrary code execution during boot process (CVE-2020-10713)\n\n - grub2: grub_malloc does not validate allocation size allowing for arithmetic overflow and subsequent heap- based buffer overflow (CVE-2020-14308)\n\n - grub2: Integer overflow in grub_squash_read_symlink may lead to heap-based buffer overflow (CVE-2020-14309)\n\n - grub2: Integer overflow read_section_as_string may lead to heap-based buffer overflow (CVE-2020-14310)\n\n - grub2: Integer overflow in grub_ext2_read_link leads to heap-based buffer overflow (CVE-2020-14311)\n\n - grub2: Fail kernel validation without shim protocol (CVE-2020-15705)\n\n - grub2: Use-after-free redefining a function whilst the same function is already executing (CVE-2020-15706)\n\n - grub2: Integer overflow in initrd size handling (CVE-2020-15707)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.2, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}, "published": "2020-07-30T00:00:00", "type": "nessus", "title": "RHEL 8 : grub2 (RHSA-2020:3223)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10713", "CVE-2020-14308", "CVE-2020-14309", "CVE-2020-14310", "CVE-2020-14311", "CVE-2020-15705", "CVE-2020-15706", "CVE-2020-15707"], "modified": "2022-05-12T00:00:00", "cpe": ["cpe:/o:redhat:rhel_e4s:8.1", "cpe:/o:redhat:rhel_eus:8.1", "p-cpe:/a:redhat:enterprise_linux:fwupd", "p-cpe:/a:redhat:enterprise_linux:grub2-common", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-aa64", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-aa64-cdboot", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-aa64-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32-cdboot", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64-cdboot", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-pc", "p-cpe:/a:redhat:enterprise_linux:grub2-pc-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-ppc64le", "p-cpe:/a:redhat:enterprise_linux:grub2-ppc64le-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-tools", "p-cpe:/a:redhat:enterprise_linux:grub2-tools-efi", "p-cpe:/a:redhat:enterprise_linux:grub2-tools-extra", "p-cpe:/a:redhat:enterprise_linux:grub2-tools-minimal", "p-cpe:/a:redhat:enterprise_linux:shim-aa64", "p-cpe:/a:redhat:enterprise_linux:shim-ia32", "p-cpe:/a:redhat:enterprise_linux:shim-unsigned-x64", "p-cpe:/a:redhat:enterprise_linux:shim-x64"], "id": "REDHAT-RHSA-2020-3223.NASL", "href": "https://www.tenable.com/plugins/nessus/139193", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:3223. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(139193);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\n \"CVE-2020-10713\",\n \"CVE-2020-14308\",\n \"CVE-2020-14309\",\n \"CVE-2020-14310\",\n \"CVE-2020-14311\",\n \"CVE-2020-15705\",\n \"CVE-2020-15706\",\n \"CVE-2020-15707\"\n );\n script_xref(name:\"RHSA\", value:\"2020:3223\");\n script_xref(name:\"IAVA\", value:\"2020-A-0349\");\n\n script_name(english:\"RHEL 8 : grub2 (RHSA-2020:3223)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:3223 advisory.\n\n - grub2: Crafted grub.cfg file can lead to arbitrary code execution during boot process (CVE-2020-10713)\n\n - grub2: grub_malloc does not validate allocation size allowing for arithmetic overflow and subsequent heap-\n based buffer overflow (CVE-2020-14308)\n\n - grub2: Integer overflow in grub_squash_read_symlink may lead to heap-based buffer overflow\n (CVE-2020-14309)\n\n - grub2: Integer overflow read_section_as_string may lead to heap-based buffer overflow (CVE-2020-14310)\n\n - grub2: Integer overflow in grub_ext2_read_link leads to heap-based buffer overflow (CVE-2020-14311)\n\n - grub2: Fail kernel validation without shim protocol (CVE-2020-15705)\n\n - grub2: Use-after-free redefining a function whilst the same function is already executing (CVE-2020-15706)\n\n - grub2: Integer overflow in initrd size handling (CVE-2020-15707)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/78.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/122.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/190.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/416.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/440.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/787.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-10713\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-14308\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-14309\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-14310\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-14311\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-15705\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-15706\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-15707\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:3223\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1825243\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1852009\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1852014\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1852022\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1852030\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1860978\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1861118\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1861581\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14309\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-10713\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(78, 122, 190, 416, 440, 787);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:fwupd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-aa64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-aa64-cdboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-aa64-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32-cdboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64-cdboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-pc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-pc-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-ppc64le\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-ppc64le-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-tools-efi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-tools-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-tools-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:shim-aa64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:shim-ia32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:shim-unsigned-x64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:shim-x64\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.1')) audit(AUDIT_OS_NOT, 'Red Hat 8.1', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'rhel_e4s_8_1_appstream': [\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms__8_DOT_1'\n ],\n 'rhel_e4s_8_1_baseos': [\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms__8_DOT_1'\n ],\n 'rhel_e4s_8_1_highavailability': [\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms__8_DOT_1'\n ],\n 'rhel_e4s_8_1_sap': [\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms__8_DOT_1'\n ],\n 'rhel_e4s_8_1_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms__8_DOT_1'\n ],\n 'rhel_eus_8_1_appstream': [\n 'rhel-8-for-aarch64-appstream-eus-debug-rpms',\n 'rhel-8-for-aarch64-appstream-eus-debug-rpms__8_DOT_1',\n 'rhel-8-for-aarch64-appstream-eus-rpms',\n 'rhel-8-for-aarch64-appstream-eus-rpms__8_DOT_1',\n 'rhel-8-for-aarch64-appstream-eus-source-rpms',\n 'rhel-8-for-aarch64-appstream-eus-source-rpms__8_DOT_1',\n 'rhel-8-for-s390x-appstream-eus-debug-rpms',\n 'rhel-8-for-s390x-appstream-eus-debug-rpms__8_DOT_1',\n 'rhel-8-for-s390x-appstream-eus-rpms',\n 'rhel-8-for-s390x-appstream-eus-rpms__8_DOT_1',\n 'rhel-8-for-s390x-appstream-eus-source-rpms',\n 'rhel-8-for-s390x-appstream-eus-source-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-eus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-eus-debug-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-appstream-eus-rpms',\n 'rhel-8-for-x86_64-appstream-eus-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-appstream-eus-source-rpms',\n 'rhel-8-for-x86_64-appstream-eus-source-rpms__8_DOT_1'\n ],\n 'rhel_eus_8_1_baseos': [\n 'rhel-8-for-aarch64-baseos-eus-debug-rpms',\n 'rhel-8-for-aarch64-baseos-eus-debug-rpms__8_DOT_1',\n 'rhel-8-for-aarch64-baseos-eus-rpms',\n 'rhel-8-for-aarch64-baseos-eus-rpms__8_DOT_1',\n 'rhel-8-for-aarch64-baseos-eus-source-rpms',\n 'rhel-8-for-aarch64-baseos-eus-source-rpms__8_DOT_1',\n 'rhel-8-for-s390x-baseos-eus-debug-rpms',\n 'rhel-8-for-s390x-baseos-eus-debug-rpms__8_DOT_1',\n 'rhel-8-for-s390x-baseos-eus-rpms',\n 'rhel-8-for-s390x-baseos-eus-rpms__8_DOT_1',\n 'rhel-8-for-s390x-baseos-eus-source-rpms',\n 'rhel-8-for-s390x-baseos-eus-source-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-eus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-eus-debug-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-baseos-eus-rpms',\n 'rhel-8-for-x86_64-baseos-eus-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-baseos-eus-source-rpms',\n 'rhel-8-for-x86_64-baseos-eus-source-rpms__8_DOT_1'\n ],\n 'rhel_eus_8_1_crb': [\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms__8_DOT_1',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms__8_DOT_1',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms__8_DOT_1',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms__8_DOT_1',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms__8_DOT_1',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms__8_DOT_1',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms__8_DOT_1',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms__8_DOT_1',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms__8_DOT_1'\n ],\n 'rhel_eus_8_1_highavailability': [\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms__8_DOT_1',\n 'rhel-8-for-aarch64-highavailability-eus-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-rpms__8_DOT_1',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms__8_DOT_1',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms__8_DOT_1',\n 'rhel-8-for-s390x-highavailability-eus-rpms',\n 'rhel-8-for-s390x-highavailability-eus-rpms__8_DOT_1',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-highavailability-eus-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms__8_DOT_1'\n ],\n 'rhel_eus_8_1_resilientstorage': [\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms__8_DOT_1',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms__8_DOT_1',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms__8_DOT_1'\n ],\n 'rhel_eus_8_1_sap': [\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms__8_DOT_1',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms__8_DOT_1',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms__8_DOT_1'\n ],\n 'rhel_eus_8_1_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms__8_DOT_1'\n ],\n 'rhel_eus_8_1_supplementary': [\n 'rhel-8-for-aarch64-supplementary-eus-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-rpms__8_DOT_1',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms__8_DOT_1',\n 'rhel-8-for-s390x-supplementary-eus-rpms',\n 'rhel-8-for-s390x-supplementary-eus-rpms__8_DOT_1',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-supplementary-eus-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-rpms__8_DOT_1',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms__8_DOT_1'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'fwupd-1.1.4-2.el8_1', 'sp':'1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_e4s_8_1_baseos', 'rhel_e4s_8_1_highavailability', 'rhel_e4s_8_1_sap', 'rhel_e4s_8_1_sap_hana', 'rhel_eus_8_1_appstream', 'rhel_eus_8_1_baseos', 'rhel_eus_8_1_crb', 'rhel_eus_8_1_highavailability', 'rhel_eus_8_1_resilientstorage', 'rhel_eus_8_1_sap', 'rhel_eus_8_1_sap_hana', 'rhel_eus_8_1_supplementary']},\n {'reference':'fwupd-1.1.4-2.el8_1', 'sp':'1', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_e4s_8_1_baseos', 'rhel_e4s_8_1_highavailability', 'rhel_e4s_8_1_sap', 'rhel_e4s_8_1_sap_hana', 'rhel_eus_8_1_appstream', 'rhel_eus_8_1_baseos', 'rhel_eus_8_1_crb', 'rhel_eus_8_1_highavailability', 'rhel_eus_8_1_resilientstorage', 'rhel_eus_8_1_sap', 'rhel_eus_8_1_sap_hana', 'rhel_eus_8_1_supplementary']},\n {'reference':'fwupd-1.1.4-2.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_e4s_8_1_baseos', 'rhel_e4s_8_1_highavailability', 'rhel_e4s_8_1_sap', 'rhel_e4s_8_1_sap_hana', 'rhel_eus_8_1_appstream', 'rhel_eus_8_1_baseos', 'rhel_eus_8_1_crb', 'rhel_eus_8_1_highavailability', 'rhel_eus_8_1_resilientstorage', 'rhel_eus_8_1_sap', 'rhel_eus_8_1_sap_hana', 'rhel_eus_8_1_supplementary']},\n {'reference':'grub2-common-2.02-87.el8_1', 'sp':'1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_e4s_8_1_baseos', 'rhel_e4s_8_1_highavailability', 'rhel_e4s_8_1_sap', 'rhel_e4s_8_1_sap_hana', 'rhel_eus_8_1_appstream', 'rhel_eus_8_1_baseos', 'rhel_eus_8_1_crb', 'rhel_eus_8_1_highavailability', 'rhel_eus_8_1_resilientstorage', 'rhel_eus_8_1_sap', 'rhel_eus_8_1_sap_hana', 'rhel_eus_8_1_supplementary']},\n {'reference':'grub2-efi-aa64-2.02-87.el8_1', 'sp':'1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_e4s_8_1_baseos', 'rhel_e4s_8_1_highavailability', 'rhel_e4s_8_1_sap', 'rhel_e4s_8_1_sap_hana', 'rhel_eus_8_1_appstream', 'rhel_eus_8_1_baseos', 'rhel_eus_8_1_crb', 'rhel_eus_8_1_highavailability', 'rhel_eus_8_1_resilientstorage', 'rhel_eus_8_1_sap', 'rhel_eus_8_1_sap_hana', 'rhel_eus_8_1_supplementary']},\n {'reference':'grub2-efi-aa64-cdboot-2.02-87.el8_1', 'sp':'1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_e4s_8_1_baseos', 'rhel_e4s_8_1_highavailability', 'rhel_e4s_8_1_sap', 'rhel_e4s_8_1_sap_hana', 'rhel_eus_8_1_appstream', 'rhel_eus_8_1_baseos', 'rhel_eus_8_1_crb', 'rhel_eus_8_1_highavailability', 'rhel_eus_8_1_resilientstorage', 'rhel_eus_8_1_sap', 'rhel_eus_8_1_sap_hana', 'rhel_eus_8_1_supplementary']},\n {'reference':'grub2-efi-aa64-modules-2.02-87.el8_1', 'sp':'1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_e4s_8_1_baseos', 'rhel_e4s_8_1_highavailability', 'rhel_e4s_8_1_sap', 'rhel_e4s_8_1_sap_hana', 'rhel_eus_8_1_appstream', 'rhel_eus_8_1_baseos', 'rhel_eus_8_1_crb', 'rhel_eus_8_1_highavailability', 'rhel_eus_8_1_resilientstorage', 'rhel_eus_8_1_sap', 'rhel_eus_8_1_sap_hana', 'rhel_eus_8_1_supplementary']},\n {'reference':'grub2-efi-ia32-2.02-87.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_e4s_8_1_baseos', 'rhel_e4s_8_1_highavailability', 'rhel_e4s_8_1_sap', 'rhel_e4s_8_1_sap_hana', 'rhel_eus_8_1_appstream', 'rhel_eus_8_1_baseos', 'rhel_eus_8_1_crb', 'rhel_eus_8_1_highavailability', 'rhel_eus_8_1_resilientstorage', 'rhel_eus_8_1_sap', 'rhel_eus_8_1_sap_hana', 'rhel_eus_8_1_supplementary']},\n {'reference':'grub2-efi-ia32-cdboot-2.02-87.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_e4s_8_1_baseos', 'rhel_e4s_8_1_highavailability', 'rhel_e4s_8_1_sap', 'rhel_e4s_8_1_sap_hana', 'rhel_eus_8_1_appstream', 'rhel_eus_8_1_baseos', 'rhel_eus_8_1_crb', 'rhel_eus_8_1_highavailability', 'rhel_eus_8_1_resilientstorage', 'rhel_eus_8_1_sap', 'rhel_eus_8_1_sap_hana', 'rhel_eus_8_1_supplementary']},\n {'reference':'grub2-efi-ia32-modules-2.02-87.el8_1', 'sp':'1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_e4s_8_1_baseos', 'rhel_e4s_8_1_highavailability', 'rhel_e4s_8_1_sap', 'rhel_e4s_8_1_sap_hana', 'rhel_eus_8_1_appstream', 'rhel_eus_8_1_baseos', 'rhel_eus_8_1_crb', 'rhel_eus_8_1_highavailability', 'rhel_eus_8_1_resilientstorage', 'rhel_eus_8_1_sap', 'rhel_eus_8_1_sap_hana', 'rhel_eus_8_1_supplementary']},\n {'reference':'grub2-efi-x64-2.02-87.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_e4s_8_1_baseos', 'rhel_e4s_8_1_highavailability', 'rhel_e4s_8_1_sap', 'rhel_e4s_8_1_sap_hana', 'rhel_eus_8_1_appstream', 'rhel_eus_8_1_baseos', 'rhel_eus_8_1_crb', 'rhel_eus_8_1_highavailability', 'rhel_eus_8_1_resilientstorage', 'rhel_eus_8_1_sap', 'rhel_eus_8_1_sap_hana', 'rhel_eus_8_1_supplementary']},\n {'reference':'grub2-efi-x64-cdboot-2.02-87.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_e4s_8_1_baseos', 'rhel_e4s_8_1_highavailability', 'rhel_e4s_8_1_sap', 'rhel_e4s_8_1_sap_hana', 'rhel_eus_8_1_appstream', 'rhel_eus_8_1_baseos', 'rhel_eus_8_1_crb', 'rhel_eus_8_1_highavailability', 'rhel_eus_8_1_resilientstorage', 'rhel_eus_8_1_sap', 'rhel_eus_8_1_sap_hana', 'rhel_eus_8_1_supplementary']},\n {'reference':'grub2-efi-x64-modules-2.02-87.el8_1', 'sp':'1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_e4s_8_1_baseos', 'rhel_e4s_8_1_highavailability', 'rhel_e4s_8_1_sap', 'rhel_e4s_8_1_sap_hana', 'rhel_eus_8_1_appstream', 'rhel_eus_8_1_baseos', 'rhel_eus_8_1_crb', 'rhel_eus_8_1_highavailability', 'rhel_eus_8_1_resilientstorage', 'rhel_eus_8_1_sap', 'rhel_eus_8_1_sap_hana', 'rhel_eus_8_1_supplementary']},\n {'reference':'grub2-pc-2.02-87.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_e4s_8_1_baseos', 'rhel_e4s_8_1_highavailability', 'rhel_e4s_8_1_sap', 'rhel_e4s_8_1_sap_hana', 'rhel_eus_8_1_appstream', 'rhel_eus_8_1_baseos', 'rhel_eus_8_1_crb', 'rhel_eus_8_1_highavailability', 'rhel_eus_8_1_resilientstorage', 'rhel_eus_8_1_sap', 'rhel_eus_8_1_sap_hana', 'rhel_eus_8_1_supplementary']},\n {'reference':'grub2-pc-modules-2.02-87.el8_1', 'sp':'1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_e4s_8_1_baseos', 'rhel_e4s_8_1_highavailability', 'rhel_e4s_8_1_sap', 'rhel_e4s_8_1_sap_hana', 'rhel_eus_8_1_appstream', 'rhel_eus_8_1_baseos', 'rhel_eus_8_1_crb', 'rhel_eus_8_1_highavailability', 'rhel_eus_8_1_resilientstorage', 'rhel_eus_8_1_sap', 'rhel_eus_8_1_sap_hana', 'rhel_eus_8_1_supplementary']},\n {'reference':'grub2-ppc64le-modules-2.02-87.el8_1', 'sp':'1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_e4s_8_1_baseos', 'rhel_e4s_8_1_highavailability', 'rhel_e4s_8_1_sap', 'rhel_e4s_8_1_sap_hana', 'rhel_eus_8_1_appstream', 'rhel_eus_8_1_baseos', 'rhel_eus_8_1_crb', 'rhel_eus_8_1_highavailability', 'rhel_eus_8_1_resilientstorage', 'rhel_eus_8_1_sap', 'rhel_eus_8_1_sap_hana', 'rhel_eus_8_1_supplementary']},\n {'reference':'grub2-tools-2.02-87.el8_1', 'sp':'1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_e4s_8_1_baseos', 'rhel_e4s_8_1_highavailability', 'rhel_e4s_8_1_sap', 'rhel_e4s_8_1_sap_hana', 'rhel_eus_8_1_appstream', 'rhel_eus_8_1_baseos', 'rhel_eus_8_1_crb', 'rhel_eus_8_1_highavailability', 'rhel_eus_8_1_resilientstorage', 'rhel_eus_8_1_sap', 'rhel_eus_8_1_sap_hana', 'rhel_eus_8_1_supplementary']},\n {'reference':'grub2-tools-2.02-87.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_e4s_8_1_baseos', 'rhel_e4s_8_1_highavailability', 'rhel_e4s_8_1_sap', 'rhel_e4s_8_1_sap_hana', 'rhel_eus_8_1_appstream', 'rhel_eus_8_1_baseos', 'rhel_eus_8_1_crb', 'rhel_eus_8_1_highavailability', 'rhel_eus_8_1_resilientstorage', 'rhel_eus_8_1_sap', 'rhel_eus_8_1_sap_hana', 'rhel_eus_8_1_supplementary']},\n {'reference':'grub2-tools-efi-2.02-87.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_e4s_8_1_baseos', 'rhel_e4s_8_1_highavailability', 'rhel_e4s_8_1_sap', 'rhel_e4s_8_1_sap_hana', 'rhel_eus_8_1_appstream', 'rhel_eus_8_1_baseos', 'rhel_eus_8_1_crb', 'rhel_eus_8_1_highavailability', 'rhel_eus_8_1_resilientstorage', 'rhel_eus_8_1_sap', 'rhel_eus_8_1_sap_hana', 'rhel_eus_8_1_supplementary']},\n {'reference':'grub2-tools-extra-2.02-87.el8_1', 'sp':'1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_e4s_8_1_baseos', 'rhel_e4s_8_1_highavailability', 'rhel_e4s_8_1_sap', 'rhel_e4s_8_1_sap_hana', 'rhel_eus_8_1_appstream', 'rhel_eus_8_1_baseos', 'rhel_eus_8_1_crb', 'rhel_eus_8_1_highavailability', 'rhel_eus_8_1_resilientstorage', 'rhel_eus_8_1_sap', 'rhel_eus_8_1_sap_hana', 'rhel_eus_8_1_supplementary']},\n {'reference':'grub2-tools-extra-2.02-87.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_e4s_8_1_baseos', 'rhel_e4s_8_1_highavailability', 'rhel_e4s_8_1_sap', 'rhel_e4s_8_1_sap_hana', 'rhel_eus_8_1_appstream', 'rhel_eus_8_1_baseos', 'rhel_eus_8_1_crb', 'rhel_eus_8_1_highavailability', 'rhel_eus_8_1_resilientstorage', 'rhel_eus_8_1_sap', 'rhel_eus_8_1_sap_hana', 'rhel_eus_8_1_supplementary']},\n {'reference':'grub2-tools-minimal-2.02-87.el8_1', 'sp':'1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_e4s_8_1_baseos', 'rhel_e4s_8_1_highavailability', 'rhel_e4s_8_1_sap', 'rhel_e4s_8_1_sap_hana', 'rhel_eus_8_1_appstream', 'rhel_eus_8_1_baseos', 'rhel_eus_8_1_crb', 'rhel_eus_8_1_highavailability', 'rhel_eus_8_1_resilientstorage', 'rhel_eus_8_1_sap', 'rhel_eus_8_1_sap_hana', 'rhel_eus_8_1_supplementary']},\n {'reference':'grub2-tools-minimal-2.02-87.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_e4s_8_1_baseos', 'rhel_e4s_8_1_highavailability', 'rhel_e4s_8_1_sap', 'rhel_e4s_8_1_sap_hana', 'rhel_eus_8_1_appstream', 'rhel_eus_8_1_baseos', 'rhel_eus_8_1_crb', 'rhel_eus_8_1_highavailability', 'rhel_eus_8_1_resilientstorage', 'rhel_eus_8_1_sap', 'rhel_eus_8_1_sap_hana', 'rhel_eus_8_1_supplementary']},\n {'reference':'shim-aa64-15-14.el8_1', 'sp':'1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_e4s_8_1_baseos', 'rhel_e4s_8_1_highavailability', 'rhel_e4s_8_1_sap', 'rhel_e4s_8_1_sap_hana', 'rhel_eus_8_1_appstream', 'rhel_eus_8_1_baseos', 'rhel_eus_8_1_crb', 'rhel_eus_8_1_highavailability', 'rhel_eus_8_1_resilientstorage', 'rhel_eus_8_1_sap', 'rhel_eus_8_1_sap_hana', 'rhel_eus_8_1_supplementary']},\n {'reference':'shim-ia32-15-14.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_e4s_8_1_baseos', 'rhel_e4s_8_1_highavailability', 'rhel_e4s_8_1_sap', 'rhel_e4s_8_1_sap_hana', 'rhel_eus_8_1_appstream', 'rhel_eus_8_1_baseos', 'rhel_eus_8_1_crb', 'rhel_eus_8_1_highavailability', 'rhel_eus_8_1_resilientstorage', 'rhel_eus_8_1_sap', 'rhel_eus_8_1_sap_hana', 'rhel_eus_8_1_supplementary']},\n {'reference':'shim-unsigned-x64-15-7.el8', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_e4s_8_1_baseos', 'rhel_e4s_8_1_highavailability', 'rhel_e4s_8_1_sap', 'rhel_e4s_8_1_sap_hana', 'rhel_eus_8_1_appstream', 'rhel_eus_8_1_baseos', 'rhel_eus_8_1_crb', 'rhel_eus_8_1_highavailability', 'rhel_eus_8_1_resilientstorage', 'rhel_eus_8_1_sap', 'rhel_eus_8_1_sap_hana', 'rhel_eus_8_1_supplementary']},\n {'reference':'shim-x64-15-14.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_e4s_8_1_appstream', 'rhel_e4s_8_1_baseos', 'rhel_e4s_8_1_highavailability', 'rhel_e4s_8_1_sap', 'rhel_e4s_8_1_sap_hana', 'rhel_eus_8_1_appstream', 'rhel_eus_8_1_baseos', 'rhel_eus_8_1_crb', 'rhel_eus_8_1_highavailability', 'rhel_eus_8_1_resilientstorage', 'rhel_eus_8_1_sap', 'rhel_eus_8_1_sap_hana', 'rhel_eus_8_1_supplementary']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Extended Update Support or Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'fwupd / grub2-common / grub2-efi-aa64 / grub2-efi-aa64-cdboot / etc');\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-31T16:35:36", "description": "An update of the grub2 package has been released.", "cvss3": {"score": 8.2, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}, "published": "2020-08-01T00:00:00", "type": "nessus", "title": "Photon OS 2.0: Grub2 PHSA-2020-2.0-0267", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10713", "CVE-2020-14308", "CVE-2020-14309", "CVE-2020-14310", "CVE-2020-14311", "CVE-2020-15705", "CVE-2020-15706", "CVE-2020-15707"], "modified": "2022-05-12T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:grub2", "cpe:/o:vmware:photonos:2.0"], "id": "PHOTONOS_PHSA-2020-2_0-0267_GRUB2.NASL", "href": "https://www.tenable.com/plugins/nessus/139243", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2020-2.0-0267. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(139243);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\n \"CVE-2020-10713\",\n \"CVE-2020-14308\",\n \"CVE-2020-14309\",\n \"CVE-2020-14310\",\n \"CVE-2020-14311\",\n \"CVE-2020-15705\",\n \"CVE-2020-15706\",\n \"CVE-2020-15707\"\n );\n script_xref(name:\"IAVA\", value:\"2020-A-0349\");\n\n script_name(english:\"Photon OS 2.0: Grub2 PHSA-2020-2.0-0267\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the grub2 package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-2-267.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14309\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-10713\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:grub2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:2.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 2.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"grub2-2.04-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"grub2-efi-2.04-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"grub2-lang-2.04-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"grub2-pc-2.04-1.ph2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"grub2\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-10T03:13:01", "description": "The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 20.10 / 21.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4991-1 advisory.\n\n - The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 allows attackers to cause a denial of service (buffer over-read) or information disclosure. (CVE-2017-8872)\n\n - xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.\n (CVE-2019-20388)\n\n - GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e. (CVE-2020-24977)\n\n - There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to confidentiality, integrity, and availability. (CVE-2021-3516)\n\n - There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this flaw is to application availability, with some potential impact to confidentiality and integrity if an attacker is able to use memory information to further exploit the application. (CVE-2021-3517)\n\n - There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability. (CVE-2021-3518)\n\n - A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest threat from this vulnerability is to system availability. (CVE-2021-3537)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"}, "published": "2021-06-17T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 20.10 / 21.04 : libxml2 vulnerabilities (USN-4991-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-8872", "CVE-2019-20388", "CVE-2020-24977", "CVE-2021-3516", "CVE-2021-3517", "CVE-2021-3518", "CVE-2021-3537", "CVE-2021-3541"], "modified": "2022-05-09T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:16.04:-:lts", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.10", "cpe:/o:canonical:ubuntu_linux:21.04", "p-cpe:/a:canonical:ubuntu_linux:libxml2", "p-cpe:/a:canonical:ubuntu_linux:libxml2-dev", "p-cpe:/a:canonical:ubuntu_linux:libxml2-udeb", "p-cpe:/a:canonical:ubuntu_linux:libxml2-utils", "p-cpe:/a:canonical:ubuntu_linux:python-libxml2", "p-cpe:/a:canonical:ubuntu_linux:python3-libxml2"], "id": "UBUNTU_USN-4991-1.NASL", "href": "https://www.tenable.com/plugins/nessus/150858", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4991-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150858);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2017-8872\",\n \"CVE-2019-20388\",\n \"CVE-2020-24977\",\n \"CVE-2021-3516\",\n \"CVE-2021-3517\",\n \"CVE-2021-3518\",\n \"CVE-2021-3537\",\n \"CVE-2021-3541\"\n );\n script_xref(name:\"USN\", value:\"4991-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 20.10 / 21.04 : libxml2 vulnerabilities (USN-4991-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 20.10 / 21.04 host has packages installed that are affected by\nmultiple vulnerabilities as referenced in the USN-4991-1 advisory.\n\n - The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 allows attackers to cause a denial of\n service (buffer over-read) or information disclosure. (CVE-2017-8872)\n\n - xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.\n (CVE-2019-20388)\n\n - GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at\n libxml2/entities.c. The issue has been fixed in commit 50f06b3e. (CVE-2020-24977)\n\n - There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted\n file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to\n confidentiality, integrity, and availability. (CVE-2021-3516)\n\n - There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker\n who is able to supply a crafted file to be processed by an application linked with the affected\n functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this flaw is to\n application availability, with some potential impact to confidentiality and integrity if an attacker is\n able to use memory information to further exploit the application. (CVE-2021-3517)\n\n - There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to\n be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact\n from this flaw is to confidentiality, integrity, and availability. (CVE-2021-3518)\n\n - A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while\n parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery\n mode and post-validated, the flaw could be used to crash the application. The highest threat from this\n vulnerability is to system availability. (CVE-2021-3537)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-4991-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3517\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2017-8872\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/05/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:21.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libxml2-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libxml2-udeb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libxml2-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python3-libxml2\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2021-2022 Canonical, Inc. / NASL script (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('ubuntu.inc');\ninclude('misc_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04|18\\.04|20\\.04|20\\.10|21\\.04)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 16.04 / 18.04 / 20.04 / 20.10 / 21.04', 'Ubuntu ' + release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\n\npkgs = [\n {'osver': '16.04', 'pkgname': 'libxml2', 'pkgver': '2.9.3+dfsg1-1ubuntu0.7+esm1'},\n {'osver': '16.04', 'pkgname': 'libxml2-dev', 'pkgver': '2.9.3+dfsg1-1ubuntu0.7+esm1'},\n {'osver': '16.04', 'pkgname': 'libxml2-udeb', 'pkgver': '2.9.3+dfsg1-1ubuntu0.7+esm1'},\n {'osver': '16.04', 'pkgname': 'libxml2-utils', 'pkgver': '2.9.3+dfsg1-1ubuntu0.7+esm1'},\n {'osver': '16.04', 'pkgname': 'python-libxml2', 'pkgver': '2.9.3+dfsg1-1ubuntu0.7+esm1'},\n {'osver': '18.04', 'pkgname': 'libxml2', 'pkgver': '2.9.4+dfsg1-6.1ubuntu1.4'},\n {'osver': '18.04', 'pkgname': 'libxml2-dev', 'pkgver': '2.9.4+dfsg1-6.1ubuntu1.4'},\n {'osver': '18.04', 'pkgname': 'libxml2-udeb', 'pkgver': '2.9.4+dfsg1-6.1ubuntu1.4'},\n {'osver': '18.04', 'pkgname': 'libxml2-utils', 'pkgver': '2.9.4+dfsg1-6.1ubuntu1.4'},\n {'osver': '18.04', 'pkgname': 'python-libxml2', 'pkgver': '2.9.4+dfsg1-6.1ubuntu1.4'},\n {'osver': '18.04', 'pkgname': 'python3-libxml2', 'pkgver': '2.9.4+dfsg1-6.1ubuntu1.4'},\n {'osver': '20.04', 'pkgname': 'libxml2', 'pkgver': '2.9.10+dfsg-5ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libxml2-dev', 'pkgver': '2.9.10+dfsg-5ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'libxml2-utils', 'pkgver': '2.9.10+dfsg-5ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'python-libxml2', 'pkgver': '2.9.10+dfsg-5ubuntu0.20.04.1'},\n {'osver': '20.04', 'pkgname': 'python3-libxml2', 'pkgver': '2.9.10+dfsg-5ubuntu0.20.04.1'},\n {'osver': '20.10', 'pkgname': 'libxml2', 'pkgver': '2.9.10+dfsg-5ubuntu0.20.10.2'},\n {'osver': '20.10', 'pkgname': 'libxml2-dev', 'pkgver': '2.9.10+dfsg-5ubuntu0.20.10.2'},\n {'osver': '20.10', 'pkgname': 'libxml2-utils', 'pkgver': '2.9.10+dfsg-5ubuntu0.20.10.2'},\n {'osver': '20.10', 'pkgname': 'python-libxml2', 'pkgver': '2.9.10+dfsg-5ubuntu0.20.10.2'},\n {'osver': '20.10', 'pkgname': 'python3-libxml2', 'pkgver': '2.9.10+dfsg-5ubuntu0.20.10.2'},\n {'osver': '21.04', 'pkgname': 'libxml2', 'pkgver': '2.9.10+dfsg-6.3ubuntu0.1'},\n {'osver': '21.04', 'pkgname': 'libxml2-dev', 'pkgver': '2.9.10+dfsg-6.3ubuntu0.1'},\n {'osver': '21.04', 'pkgname': 'libxml2-utils', 'pkgver': '2.9.10+dfsg-6.3ubuntu0.1'},\n {'osver': '21.04', 'pkgname': 'python3-libxml2', 'pkgver': '2.9.10+dfsg-6.3ubuntu0.1'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n osver = NULL;\n pkgname = NULL;\n pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libxml2 / libxml2-dev / libxml2-udeb / libxml2-utils / python-libxml2 / etc');\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-12-16T13:38:32", "description": "According to the versions of the grub2 packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :\n\n - Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow.\n These could be triggered by an extremely large number of arguments to the initrd command on 32-bit architectures, or a crafted filesystem with very large files on any architecture. An attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. This issue affects GRUB2 version 2.04 and prior versions.(CVE-2020-15707)\n\n - GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2 version 2.04 and prior versions.(CVE-2020-15706)\n\n - There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. A filesystem containing a symbolic link with an inode size of UINT32_MAX causes an arithmetic overflow leading to a zero-sized memory allocation with subsequent heap-based buffer overflow.(CVE-2020-14311)\n\n - There is an issue on grub2 before version 2.06 at function read_section_as_string(). It expects a font name to be at max UINT32_MAX - 1 length in bytes but it doesn't verify it before proceed with buffer allocation to read the value from the font value. An attacker may leverage that by crafting a malicious font file which has a name with UINT32_MAX, leading to read_section_as_string() to an arithmetic overflow, zero-sized allocation and further heap-based buffer overflow.(CVE-2020-14310)\n\n - There's an issue with grub2 in all versions before 2.06 when handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size.\n The name size leads to an arithmetic overflow leading to a zero-size allocation further causing a heap-based buffer overflow with attacker controlled data.(CVE-2020-14309)\n\n - In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This leads the function to return invalid memory allocations which can be further used to cause possible integrity, confidentiality and availability impacts during the boot process.(CVE-2020-14308)\n\n - GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim. This issue affects GRUB2 version 2.04 and prior versions.(CVE-2020-15705)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 6.7, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-09-29T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.6.0 : grub2 (EulerOS-SA-2020-2000)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-14308", "CVE-2020-14309", "CVE-2020-14310", "CVE-2020-14311", "CVE-2020-15705", "CVE-2020-15706", "CVE-2020-15707"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:grub2-common", "p-cpe:/a:huawei:euleros:grub2-efi-aa64", "p-cpe:/a:huawei:euleros:grub2-efi-aa64-modules", "p-cpe:/a:huawei:euleros:grub2-tools", "p-cpe:/a:huawei:euleros:grub2-tools-extra", "p-cpe:/a:huawei:euleros:grub2-tools-minimal", "cpe:/o:huawei:euleros:uvp:3.0.6.0"], "id": "EULEROS_SA-2020-2000.NASL", "href": "https://www.tenable.com/plugins/nessus/140948", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(140948);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2020-14308\",\n \"CVE-2020-14309\",\n \"CVE-2020-14310\",\n \"CVE-2020-14311\",\n \"CVE-2020-15705\",\n \"CVE-2020-15706\",\n \"CVE-2020-15707\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.6.0 : grub2 (EulerOS-SA-2020-2000)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the grub2 packages installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerabilities :\n\n - Integer overflows were discovered in the functions\n grub_cmd_initrd and grub_initrd_init in the efilinux\n component of GRUB2, as shipped in Debian, Red Hat, and\n Ubuntu (the functionality is not included in GRUB2\n upstream), leading to a heap-based buffer overflow.\n These could be triggered by an extremely large number\n of arguments to the initrd command on 32-bit\n architectures, or a crafted filesystem with very large\n files on any architecture. An attacker could use this\n to execute arbitrary code and bypass UEFI Secure Boot\n restrictions. This issue affects GRUB2 version 2.04 and\n prior versions.(CVE-2020-15707)\n\n - GRUB2 contains a race condition in\n grub_script_function_create() leading to a\n use-after-free vulnerability which can be triggered by\n redefining a function whilst the same function is\n already executing, leading to arbitrary code execution\n and secure boot restriction bypass. This issue affects\n GRUB2 version 2.04 and prior versions.(CVE-2020-15706)\n\n - There is an issue with grub2 before version 2.06 while\n handling symlink on ext filesystems. A filesystem\n containing a symbolic link with an inode size of\n UINT32_MAX causes an arithmetic overflow leading to a\n zero-sized memory allocation with subsequent heap-based\n buffer overflow.(CVE-2020-14311)\n\n - There is an issue on grub2 before version 2.06 at\n function read_section_as_string(). It expects a font\n name to be at max UINT32_MAX - 1 length in bytes but it\n doesn't verify it before proceed with buffer allocation\n to read the value from the font value. An attacker may\n leverage that by crafting a malicious font file which\n has a name with UINT32_MAX, leading to\n read_section_as_string() to an arithmetic overflow,\n zero-sized allocation and further heap-based buffer\n overflow.(CVE-2020-14310)\n\n - There's an issue with grub2 in all versions before 2.06\n when handling squashfs filesystems containing a\n symbolic link with name length of UINT32 bytes in size.\n The name size leads to an arithmetic overflow leading\n to a zero-size allocation further causing a heap-based\n buffer overflow with attacker controlled\n data.(CVE-2020-14309)\n\n - In grub2 versions before 2.06 the grub memory allocator\n doesn't check for possible arithmetic overflows on the\n requested allocation size. This leads the function to\n return invalid memory allocations which can be further\n used to cause possible integrity, confidentiality and\n availability impacts during the boot\n process.(CVE-2020-14308)\n\n - GRUB2 fails to validate kernel signature when booted\n directly without shim, allowing secure boot to be\n bypassed. This only affects systems where the kernel\n signing certificate has been imported directly into the\n secure boot database and the GRUB image is booted\n directly without the use of shim. This issue affects\n GRUB2 version 2.04 and prior versions.(CVE-2020-15705)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-2000\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1436ffb8\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected grub2 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/09/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:grub2-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:grub2-efi-aa64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:grub2-efi-aa64-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:grub2-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:grub2-tools-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:grub2-tools-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.6.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.6.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.6.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"grub2-common-2.02-62.h27.eulerosv2r8\",\n \"grub2-efi-aa64-2.02-62.h27.eulerosv2r8\",\n \"grub2-efi-aa64-modules-2.02-62.h27.eulerosv2r8\",\n \"grub2-tools-2.02-62.h27.eulerosv2r8\",\n \"grub2-tools-extra-2.02-62.h27.eulerosv2r8\",\n \"grub2-tools-minimal-2.02-62.h27.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"grub2\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-31T16:36:20", "description": "This update for grub2 fixes the following issues :\n\nCVE-2020-10713 (bsc#1168994)\n\nCVE-2020-14308 CVE-2020-14309, CVE-2020-14310, CVE-2020-14311 (bsc#1173812)\n\nCVE-2020-15706 (bsc#1174463)\n\nCVE-2020-15707 (bsc#1174570)\n\nUse overflow checking primitives where the arithmetic expression for buffer allocations may include unvalidated data\n\nUse grub_calloc for overflow check and return NULL when it would occur\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.2, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}, "published": "2020-07-30T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : grub2 (SUSE-SU-2020:2077-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10713", "CVE-2020-14308", "CVE-2020-14309", "CVE-2020-14310", "CVE-2020-14311", "CVE-2020-15706", "CVE-2020-15707"], "modified": "2022-05-12T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:grub2", "p-cpe:/a:novell:suse_linux:grub2-debuginfo", "p-cpe:/a:novell:suse_linux:grub2-debugsource", "p-cpe:/a:novell:suse_linux:grub2-s390x-emu", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2020-2077-1.NASL", "href": "https://www.tenable.com/plugins/nessus/139176", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:2077-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(139176);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\n \"CVE-2020-10713\",\n \"CVE-2020-14308\",\n \"CVE-2020-14309\",\n \"CVE-2020-14310\",\n \"CVE-2020-14311\",\n \"CVE-2020-15706\",\n \"CVE-2020-15707\"\n );\n script_xref(name:\"IAVA\", value:\"2020-A-0349\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : grub2 (SUSE-SU-2020:2077-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for grub2 fixes the following issues :\n\nCVE-2020-10713 (bsc#1168994)\n\nCVE-2020-14308 CVE-2020-14309, CVE-2020-14310, CVE-2020-14311\n(bsc#1173812)\n\nCVE-2020-15706 (bsc#1174463)\n\nCVE-2020-15707 (bsc#1174570)\n\nUse overflow checking primitives where the arithmetic expression for\nbuffer allocations may include unvalidated data\n\nUse grub_calloc for overflow check and return NULL when it would occur\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168994\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1173812\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1174463\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1174570\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-10713/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-14308/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-14309/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-14310/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-14311/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-15706/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-15707/\");\n # https://www.suse.com/support/update/announcement/2020/suse-su-20202077-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1acd6c8f\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Server Applications 15-SP1 :\n\nzypper in -t patch\nSUSE-SLE-Module-Server-Applications-15-SP1-2020-2077=1\n\nSUSE Linux Enterprise Module for Basesystem 15-SP1 :\n\nzypper in -t patch SUSE-SLE-Module-Basesystem-15-SP1-2020-2077=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14309\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-10713\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:grub2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:grub2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:grub2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:grub2-s390x-emu\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"grub2-s390x-emu-2.02-26.25.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"grub2-2.02-26.25.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"grub2-debuginfo-2.02-26.25.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"grub2-debugsource-2.02-26.25.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"grub2-s390x-emu-2.02-26.25.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"grub2-2.02-26.25.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"grub2-debuginfo-2.02-26.25.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"grub2-debugsource-2.02-26.25.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"grub2\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-01T17:16:53", "description": "This update for grub2 fixes the following issues :\n\n - Fix for CVE-2020-10713 (bsc#1168994)\n\n - Fix for CVE-2020-14308 CVE-2020-14309, CVE-2020-14310, CVE-2020-14311 (bsc#1173812)\n\n - Fix for CVE-2020-15706 (bsc#1174463)\n\n - Fix for CVE-2020-15707 (bsc#1174570)\n\n - Use overflow checking primitives where the arithmetic expression for buffer\n\n - Use grub_calloc for overflow check and return NULL when it would occur \n\nThis update was imported from the SUSE:SLE-15-SP2:Update update project.", "cvss3": {"score": 8.2, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}, "published": "2020-08-10T00:00:00", "type": "nessus", "title": "openSUSE Security Update : grub2 (openSUSE-2020-1169)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10713", "CVE-2020-14308", "CVE-2020-14309", "CVE-2020-14310", "CVE-2020-14311", "CVE-2020-15706", "CVE-2020-15707"], "modified": "2022-05-13T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:grub2", "p-cpe:/a:novell:opensuse:grub2-branding-upstream", "p-cpe:/a:novell:opensuse:grub2-debuginfo", "p-cpe:/a:novell:opensuse:grub2-debugsource", "p-cpe:/a:novell:opensuse:grub2-i386-efi", "p-cpe:/a:novell:opensuse:grub2-i386-efi-debug", "p-cpe:/a:novell:opensuse:grub2-i386-pc", "p-cpe:/a:novell:opensuse:grub2-i386-pc-debug", "p-cpe:/a:novell:opensuse:grub2-i386-xen", "p-cpe:/a:novell:opensuse:grub2-snapper-plugin", "p-cpe:/a:novell:opensuse:grub2-systemd-sleep-plugin", "p-cpe:/a:novell:opensuse:grub2-x86_64-efi", "p-cpe:/a:novell:opensuse:grub2-x86_64-efi-debug", "p-cpe:/a:novell:opensuse:grub2-x86_64-xen", "cpe:/o:novell:opensuse:15.2"], "id": "OPENSUSE-2020-1169.NASL", "href": "https://www.tenable.com/plugins/nessus/139449", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-1169.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(139449);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/13\");\n\n script_cve_id(\"CVE-2020-10713\", \"CVE-2020-14308\", \"CVE-2020-14309\", \"CVE-2020-14310\", \"CVE-2020-14311\", \"CVE-2020-15706\", \"CVE-2020-15707\");\n script_xref(name:\"IAVA\", value:\"2020-A-0349\");\n\n script_name(english:\"openSUSE Security Update : grub2 (openSUSE-2020-1169)\");\n script_summary(english:\"Check for the openSUSE-2020-1169 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for grub2 fixes the following issues :\n\n - Fix for CVE-2020-10713 (bsc#1168994)\n\n - Fix for CVE-2020-14308 CVE-2020-14309, CVE-2020-14310,\n CVE-2020-14311 (bsc#1173812)\n\n - Fix for CVE-2020-15706 (bsc#1174463)\n\n - Fix for CVE-2020-15707 (bsc#1174570)\n\n - Use overflow checking primitives where the arithmetic\n expression for buffer\n\n - Use grub_calloc for overflow check and return NULL when\n it would occur \n\nThis update was imported from the SUSE:SLE-15-SP2:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1168994\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1173812\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1174463\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1174570\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected grub2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14309\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:grub2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:grub2-branding-upstream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:grub2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:grub2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:grub2-i386-efi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:grub2-i386-efi-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:grub2-i386-pc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:grub2-i386-pc-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:grub2-i386-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:grub2-snapper-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:grub2-systemd-sleep-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:grub2-x86_64-efi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:grub2-x86_64-efi-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:grub2-x86_64-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.2\", reference:\"grub2-2.04-lp152.7.3.4\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"grub2-branding-upstream-2.04-lp152.7.3.4\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"grub2-debuginfo-2.04-lp152.7.3.4\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"grub2-debugsource-2.04-lp152.7.3.4\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"grub2-i386-efi-2.04-lp152.7.3.4\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"grub2-i386-efi-debug-2.04-lp152.7.3.4\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"grub2-i386-pc-2.04-lp152.7.3.4\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"grub2-i386-pc-debug-2.04-lp152.7.3.4\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"grub2-i386-xen-2.04-lp152.7.3.4\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"grub2-snapper-plugin-2.04-lp152.7.3.4\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"grub2-systemd-sleep-plugin-2.04-lp152.7.3.4\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"grub2-x86_64-efi-2.04-lp152.7.3.4\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"grub2-x86_64-efi-debug-2.04-lp152.7.3.4\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"grub2-x86_64-xen-2.04-lp152.7.3.4\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"grub2 / grub2-branding-upstream / grub2-debuginfo / etc\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-31T16:35:36", "description": "This update for grub2 fixes the following issues :\n\nFix for CVE-2020-10713 (bsc#1168994)\n\nFix for CVE-2020-14308 CVE-2020-14309, CVE-2020-14310, CVE-2020-14311 (bsc#1173812)\n\nFix for CVE-2020-15706 (bsc#1174463)\n\nFix for CVE-2020-15707 (bsc#1174570)\n\nUse overflow checking primitives where the arithmetic expression for buffer allocations may include unvalidated data\n\nUse gcc-9 compiler for overflow check builtins\n\nBackport gcc-9 build fixes\n\nFix packed-not-aligned error on GCC 8 (bsc#1084632)\n\nBackport gcc-7 build fixes\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.2, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}, "published": "2020-07-30T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : grub2 (SUSE-SU-2020:2076-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10713", "CVE-2020-14308", "CVE-2020-14309", "CVE-2020-14310", "CVE-2020-14311", "CVE-2020-15706", "CVE-2020-15707"], "modified": "2022-05-12T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:grub2", "p-cpe:/a:novell:suse_linux:grub2-debuginfo", "p-cpe:/a:novell:suse_linux:grub2-debugsource", "p-cpe:/a:novell:suse_linux:grub2-i386-pc", "p-cpe:/a:novell:suse_linux:grub2-s390x-emu", "p-cpe:/a:novell:suse_linux:grub2-x86_64-efi", "p-cpe:/a:novell:suse_linux:grub2-x86_64-xen", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2020-2076-1.NASL", "href": "https://www.tenable.com/plugins/nessus/139175", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:2076-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(139175);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\n \"CVE-2020-10713\",\n \"CVE-2020-14308\",\n \"CVE-2020-14309\",\n \"CVE-2020-14310\",\n \"CVE-2020-14311\",\n \"CVE-2020-15706\",\n \"CVE-2020-15707\"\n );\n script_xref(name:\"IAVA\", value:\"2020-A-0349\");\n\n script_name(english:\"SUSE SLES12 Security Update : grub2 (SUSE-SU-2020:2076-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for grub2 fixes the following issues :\n\nFix for CVE-2020-10713 (bsc#1168994)\n\nFix for CVE-2020-14308 CVE-2020-14309, CVE-2020-14310, CVE-2020-14311\n(bsc#1173812)\n\nFix for CVE-2020-15706 (bsc#1174463)\n\nFix for CVE-2020-15707 (bsc#1174570)\n\nUse overflow checking primitives where the arithmetic expression for\nbuffer allocations may include unvalidated data\n\nUse gcc-9 compiler for overflow check builtins\n\nBackport gcc-9 build fixes\n\nFix packed-not-aligned error on GCC 8 (bsc#1084632)\n\nBackport gcc-7 build fixes\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1084632\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168994\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1173812\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1174463\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1174570\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-10713/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-14308/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-14309/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-14310/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-14311/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-15706/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-15707/\");\n # https://www.suse.com/support/update/announcement/2020/suse-su-20202076-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ff25309d\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud 7 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-7-2020-2076=1\n\nSUSE Linux Enterprise Server for SAP 12-SP2 :\n\nzypper in -t patch SUSE-SLE-SAP-12-SP2-2020-2076=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP2-2020-2076=1\n\nSUSE Linux Enterprise Server 12-SP2-BCL :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2020-2076=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14309\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-10713\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:grub2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:grub2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:grub2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:grub2-i386-pc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:grub2-s390x-emu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:grub2-x86_64-efi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:grub2-x86_64-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"grub2-i386-pc-2.02~beta2-115.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"grub2-x86_64-efi-2.02~beta2-115.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"grub2-x86_64-xen-2.02~beta2-115.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"s390x\", reference:\"grub2-s390x-emu-2.02~beta2-115.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"grub2-2.02~beta2-115.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"grub2-debuginfo-2.02~beta2-115.49.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"grub2-debugsource-2.02~beta2-115.49.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"grub2\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-31T16:35:36", "description": "This update for grub2 fixes the following issues :\n\nFix for CVE-2020-10713 (bsc#1168994)\n\nFix for CVE-2020-14308 CVE-2020-14309, CVE-2020-14310, CVE-2020-14311 (bsc#1173812)\n\nFix for CVE-2020-15706 (bsc#1174463)\n\nFix for CVE-2020-15707 (bsc#1174570)\n\nUse overflow checking primitives where the arithmetic expression for buffer allocations may include unvalidated data\n\nUse grub_calloc for overflow check and return NULL when it would occur\n\nUse gcc-9 compiler for overflow check builtins\n\nBackport gcc-9 build fixes\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.2, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}, "published": "2020-07-30T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : grub2 (SUSE-SU-2020:2073-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10713", "CVE-2020-14308", "CVE-2020-14309", "CVE-2020-14310", "CVE-2020-14311", "CVE-2020-15706", "CVE-2020-15707"], "modified": "2022-05-12T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:grub2", "p-cpe:/a:novell:suse_linux:grub2-debuginfo", "p-cpe:/a:novell:suse_linux:grub2-debugsource", "p-cpe:/a:novell:suse_linux:grub2-s390x-emu", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2020-2073-1.NASL", "href": "https://www.tenable.com/plugins/nessus/139173", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:2073-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(139173);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\n \"CVE-2020-10713\",\n \"CVE-2020-14308\",\n \"CVE-2020-14309\",\n \"CVE-2020-14310\",\n \"CVE-2020-14311\",\n \"CVE-2020-15706\",\n \"CVE-2020-15707\"\n );\n script_xref(name:\"IAVA\", value:\"2020-A-0349\");\n\n script_name(english:\"SUSE SLES15 Security Update : grub2 (SUSE-SU-2020:2073-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for grub2 fixes the following issues :\n\nFix for CVE-2020-10713 (bsc#1168994)\n\nFix for CVE-2020-14308 CVE-2020-14309, CVE-2020-14310, CVE-2020-14311\n(bsc#1173812)\n\nFix for CVE-2020-15706 (bsc#1174463)\n\nFix for CVE-2020-15707 (bsc#1174570)\n\nUse overflow checking primitives where the arithmetic expression for\nbuffer allocations may include unvalidated data\n\nUse grub_calloc for overflow check and return NULL when it would occur\n\nUse gcc-9 compiler for overflow check builtins\n\nBackport gcc-9 build fixes\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168994\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1173812\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1174463\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1174570\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-10713/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-14308/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-14309/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-14310/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-14311/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-15706/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-15707/\");\n # https://www.suse.com/support/update/announcement/2020/suse-su-20202073-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ff223fcf\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 15 :\n\nzypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2020-2073=1\n\nSUSE Linux Enterprise Server 15-LTSS :\n\nzypper in -t patch SUSE-SLE-Product-SLES-15-2020-2073=1\n\nSUSE Linux Enterprise High Performance Computing 15-LTSS :\n\nzypper in -t patch SUSE-SLE-Product-HPC-15-2020-2073=1\n\nSUSE Linux Enterprise High Performance Computing 15-ESPOS :\n\nzypper in -t patch SUSE-SLE-Product-HPC-15-2020-2073=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14309\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-10713\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:grub2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:grub2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:grub2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:grub2-s390x-emu\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"s390x\") audit(AUDIT_ARCH_NOT, \"s390x\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"grub2-2.02-19.48.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"grub2-debuginfo-2.02-19.48.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"grub2-debugsource-2.02-19.48.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"grub2-s390x-emu-2.02-19.48.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"grub2\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-31T15:31:20", "description": "According to the versions of the grub2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper the GRUB verification process. This flaw also allows the bypass of Secure Boot protections. In order to load an untrusted or modified kernel, an attacker would first need to establish access to the system such as gaining physical access, obtain the ability to alter a pxe-boot network, or have remote access to a networked system with root access. With this access, an attacker could then craft a string to cause a buffer overflow by injecting a malicious payload that leads to arbitrary code execution within GRUB. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.(CVE-2020-10713)\n\n - Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow.\n These could be triggered by an extremely large number of arguments to the initrd command on 32-bit architectures, or a crafted filesystem with very large files on any architecture. An attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. This issue affects GRUB2 version 2.04 and prior versions.(CVE-2020-15707)\n\n - GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2 version 2.04 and prior versions.(CVE-2020-15706)\n\n - There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. A filesystem containing a symbolic link with an inode size of UINT32_MAX causes an arithmetic overflow leading to a zero-sized memory allocation with subsequent heap-based buffer overflow.(CVE-2020-14311)\n\n - There is an issue on grub2 before version 2.06 at function read_section_as_string(). It expects a font name to be at max UINT32_MAX - 1 length in bytes but it doesn't verify it before proceed with buffer allocation to read the value from the font value. An attacker may leverage that by crafting a malicious font file which has a name with UINT32_MAX, leading to read_section_as_string() to an arithmetic overflow, zero-sized allocation and further heap-based buffer overflow.(CVE-2020-14310)\n\n - There's an issue with grub2 in all versions before 2.06 when handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size.\n The name size leads to an arithmetic overflow leading to a zero-size allocation further causing a heap-based buffer overflow with attacker controlled data.(CVE-2020-14309)\n\n - In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This leads the function to return invalid memory allocations which can be further used to cause possible integrity, confidentiality and availability impacts during the boot process.(CVE-2020-14308)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.2, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}, "published": "2021-03-10T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.9.1 : grub2 (EulerOS-SA-2021-1601)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10713", "CVE-2020-14308", "CVE-2020-14309", "CVE-2020-14310", "CVE-2020-14311", "CVE-2020-15706", "CVE-2020-15707"], "modified": "2022-05-10T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:grub2-common", "p-cpe:/a:huawei:euleros:grub2-efi-aa64", "p-cpe:/a:huawei:euleros:grub2-efi-aa64-modules", "p-cpe:/a:huawei:euleros:grub2-tools", "cpe:/o:huawei:euleros:uvp:2.9.1"], "id": "EULEROS_SA-2021-1601.NASL", "href": "https://www.tenable.com/plugins/nessus/147445", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(147445);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/10\");\n\n script_cve_id(\n \"CVE-2020-10713\",\n \"CVE-2020-14308\",\n \"CVE-2020-14309\",\n \"CVE-2020-14310\",\n \"CVE-2020-14311\",\n \"CVE-2020-15706\",\n \"CVE-2020-15707\"\n );\n\n script_name(english:\"EulerOS Virtualization 2.9.1 : grub2 (EulerOS-SA-2021-1601)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the grub2 packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerabilities :\n\n - A flaw was found in grub2, prior to version 2.06. An\n attacker may use the GRUB 2 flaw to hijack and tamper\n the GRUB verification process. This flaw also allows\n the bypass of Secure Boot protections. In order to load\n an untrusted or modified kernel, an attacker would\n first need to establish access to the system such as\n gaining physical access, obtain the ability to alter a\n pxe-boot network, or have remote access to a networked\n system with root access. With this access, an attacker\n could then craft a string to cause a buffer overflow by\n injecting a malicious payload that leads to arbitrary\n code execution within GRUB. The highest threat from\n this vulnerability is to data confidentiality and\n integrity as well as system\n availability.(CVE-2020-10713)\n\n - Integer overflows were discovered in the functions\n grub_cmd_initrd and grub_initrd_init in the efilinux\n component of GRUB2, as shipped in Debian, Red Hat, and\n Ubuntu (the functionality is not included in GRUB2\n upstream), leading to a heap-based buffer overflow.\n These could be triggered by an extremely large number\n of arguments to the initrd command on 32-bit\n architectures, or a crafted filesystem with very large\n files on any architecture. An attacker could use this\n to execute arbitrary code and bypass UEFI Secure Boot\n restrictions. This issue affects GRUB2 version 2.04 and\n prior versions.(CVE-2020-15707)\n\n - GRUB2 contains a race condition in\n grub_script_function_create() leading to a\n use-after-free vulnerability which can be triggered by\n redefining a function whilst the same function is\n already executing, leading to arbitrary code execution\n and secure boot restriction bypass. This issue affects\n GRUB2 version 2.04 and prior versions.(CVE-2020-15706)\n\n - There is an issue with grub2 before version 2.06 while\n handling symlink on ext filesystems. A filesystem\n containing a symbolic link with an inode size of\n UINT32_MAX causes an arithmetic overflow leading to a\n zero-sized memory allocation with subsequent heap-based\n buffer overflow.(CVE-2020-14311)\n\n - There is an issue on grub2 before version 2.06 at\n function read_section_as_string(). It expects a font\n name to be at max UINT32_MAX - 1 length in bytes but it\n doesn't verify it before proceed with buffer allocation\n to read the value from the font value. An attacker may\n leverage that by crafting a malicious font file which\n has a name with UINT32_MAX, leading to\n read_section_as_string() to an arithmetic overflow,\n zero-sized allocation and further heap-based buffer\n overflow.(CVE-2020-14310)\n\n - There's an issue with grub2 in all versions before 2.06\n when handling squashfs filesystems containing a\n symbolic link with name length of UINT32 bytes in size.\n The name size leads to an arithmetic overflow leading\n to a zero-size allocation further causing a heap-based\n buffer overflow with attacker controlled\n data.(CVE-2020-14309)\n\n - In grub2 versions before 2.06 the grub memory allocator\n doesn't check for possible arithmetic overflows on the\n requested allocation size. This leads the function to\n return invalid memory allocations which can be further\n used to cause possible integrity, confidentiality and\n availability impacts during the boot\n process.(CVE-2020-14308)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1601\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?0e554f72\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected grub2 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14309\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-10713\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:grub2-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:grub2-efi-aa64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:grub2-efi-aa64-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:grub2-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.9.1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.9.1\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.9.1\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"grub2-common-2.02-73.h20.eulerosv2r9\",\n \"grub2-efi-aa64-2.02-73.h20.eulerosv2r9\",\n \"grub2-efi-aa64-modules-2.02-73.h20.eulerosv2r9\",\n \"grub2-tools-2.02-73.h20.eulerosv2r9\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"grub2\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-01T17:15:09", "description": "This update for grub2 fixes the following issues :\n\n - CVE-2020-10713 (bsc#1168994)\n\n - CVE-2020-14308 CVE-2020-14309, CVE-2020-14310, CVE-2020-14311 (bsc#1173812)\n\n - CVE-2020-15706 (bsc#1174463)\n\n - CVE-2020-15707 (bsc#1174570)\n\n - Use overflow checking primitives where the arithmetic expression for buffer allocations may include unvalidated data\n\n - Use grub_calloc for overflow check and return NULL when it would occur \n\nThis update was imported from the SUSE:SLE-15-SP1:Update update project.", "cvss3": {"score": 8.2, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}, "published": "2020-08-10T00:00:00", "type": "nessus", "title": "openSUSE Security Update : grub2 (openSUSE-2020-1168)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10713", "CVE-2020-14308", "CVE-2020-14309", "CVE-2020-14310", "CVE-2020-14311", "CVE-2020-15706", "CVE-2020-15707"], "modified": "2022-05-13T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:grub2", "p-cpe:/a:novell:opensuse:grub2-branding-upstream", "p-cpe:/a:novell:opensuse:grub2-debuginfo", "p-cpe:/a:novell:opensuse:grub2-debugsource", "p-cpe:/a:novell:opensuse:grub2-i386-efi", "p-cpe:/a:novell:opensuse:grub2-i386-pc", "p-cpe:/a:novell:opensuse:grub2-i386-xen", "p-cpe:/a:novell:opensuse:grub2-snapper-plugin", "p-cpe:/a:novell:opensuse:grub2-systemd-sleep-plugin", "p-cpe:/a:novell:opensuse:grub2-x86_64-efi", "p-cpe:/a:novell:opensuse:grub2-x86_64-xen", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2020-1168.NASL", "href": "https://www.tenable.com/plugins/nessus/139448", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-1168.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(139448);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/13\");\n\n script_cve_id(\"CVE-2020-10713\", \"CVE-2020-14308\", \"CVE-2020-14309\", \"CVE-2020-14310\", \"CVE-2020-14311\", \"CVE-2020-15706\", \"CVE-2020-15707\");\n script_xref(name:\"IAVA\", value:\"2020-A-0349\");\n\n script_name(english:\"openSUSE Security Update : grub2 (openSUSE-2020-1168)\");\n script_summary(english:\"Check for the openSUSE-2020-1168 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for grub2 fixes the following issues :\n\n - CVE-2020-10713 (bsc#1168994)\n\n - CVE-2020-14308 CVE-2020-14309, CVE-2020-14310,\n CVE-2020-14311 (bsc#1173812)\n\n - CVE-2020-15706 (bsc#1174463)\n\n - CVE-2020-15707 (bsc#1174570)\n\n - Use overflow checking primitives where the arithmetic\n expression for buffer allocations may include\n unvalidated data\n\n - Use grub_calloc for overflow check and return NULL when\n it would occur \n\nThis update was imported from the SUSE:SLE-15-SP1:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1168994\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1173812\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1174463\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1174570\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected grub2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14309\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:grub2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:grub2-branding-upstream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:grub2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:grub2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:grub2-i386-efi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:grub2-i386-pc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:grub2-i386-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:grub2-snapper-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:grub2-systemd-sleep-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:grub2-x86_64-efi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:grub2-x86_64-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"grub2-2.02-lp151.21.21.4\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"grub2-branding-upstream-2.02-lp151.21.21.4\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"grub2-debuginfo-2.02-lp151.21.21.4\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"grub2-debugsource-2.02-lp151.21.21.4\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"grub2-i386-efi-2.02-lp151.21.21.4\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"grub2-i386-pc-2.02-lp151.21.21.4\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"grub2-i386-xen-2.02-lp151.21.21.4\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"grub2-snapper-plugin-2.02-lp151.21.21.4\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"grub2-systemd-sleep-plugin-2.02-lp151.21.21.4\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"grub2-x86_64-efi-2.02-lp151.21.21.4\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"grub2-x86_64-xen-2.02-lp151.21.21.4\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"grub2 / grub2-branding-upstream / grub2-debuginfo / etc\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-31T16:35:14", "description": "This update for grub2 fixes the following issues :\n\nFix for CVE-2020-10713 (bsc#1168994)\n\nFix for CVE-2020-14308 CVE-2020-14309, CVE-2020-14310, CVE-2020-14311 (bsc#1173812)\n\nFix for CVE-2020-15706 (bsc#1174463)\n\nFix for CVE-2020-15707 (bsc#1174570)\n\nUse overflow checking primitives where the arithmetic expression for buffer\n\nUse grub_calloc for overflow check and return NULL when it would occur\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.2, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}, "published": "2020-07-30T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : grub2 (SUSE-SU-2020:2074-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10713", "CVE-2020-14308", "CVE-2020-14309", "CVE-2020-14310", "CVE-2020-14311", "CVE-2020-15706", "CVE-2020-15707"], "modified": "2022-05-12T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:grub2", "p-cpe:/a:novell:suse_linux:grub2-debuginfo", "p-cpe:/a:novell:suse_linux:grub2-debugsource", "p-cpe:/a:novell:suse_linux:grub2-s390x-emu", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2020-2074-1.NASL", "href": "https://www.tenable.com/plugins/nessus/139174", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:2074-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(139174);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\n \"CVE-2020-10713\",\n \"CVE-2020-14308\",\n \"CVE-2020-14309\",\n \"CVE-2020-14310\",\n \"CVE-2020-14311\",\n \"CVE-2020-15706\",\n \"CVE-2020-15707\"\n );\n script_xref(name:\"IAVA\", value:\"2020-A-0349\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : grub2 (SUSE-SU-2020:2074-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for grub2 fixes the following issues :\n\nFix for CVE-2020-10713 (bsc#1168994)\n\nFix for CVE-2020-14308 CVE-2020-14309, CVE-2020-14310, CVE-2020-14311\n(bsc#1173812)\n\nFix for CVE-2020-15706 (bsc#1174463)\n\nFix for CVE-2020-15707 (bsc#1174570)\n\nUse overflow checking primitives where the arithmetic expression for\nbuffer\n\nUse grub_calloc for overflow check and return NULL when it would occur\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168994\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1173812\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1174463\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1174570\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-10713/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-14308/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-14309/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-14310/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-14311/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-15706/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-15707/\");\n # https://www.suse.com/support/update/announcement/2020/suse-su-20202074-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a6a603b7\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Server Applications 15-SP2 :\n\nzypper in -t patch\nSUSE-SLE-Module-Server-Applications-15-SP2-2020-2074=1\n\nSUSE Linux Enterprise Module for Basesystem 15-SP2 :\n\nzypper in -t patch SUSE-SLE-Module-Basesystem-15-SP2-2020-2074=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14309\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-10713\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:grub2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:grub2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:grub2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:grub2-s390x-emu\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP2\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"s390x\", reference:\"grub2-s390x-emu-2.04-9.7.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"grub2-2.04-9.7.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"grub2-debuginfo-2.04-9.7.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"grub2-debugsource-2.04-9.7.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", cpu:\"s390x\", reference:\"grub2-s390x-emu-2.04-9.7.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"grub2-2.04-9.7.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"grub2-debuginfo-2.04-9.7.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"grub2-debugsource-2.04-9.7.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"grub2\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-31T16:35:59", "description": "This update for grub2 fixes the following issues :\n\nFix for CVE-2020-10713 (bsc#1168994)\n\nFix for CVE-2020-14308 CVE-2020-14309, CVE-2020-14310, CVE-2020-14311 (bsc#1173812)\n\nFix for CVE-2020-15706 (bsc#1174463)\n\nFix for CVE-2020-15707 (bsc#1174570)\n\nUse overflow checking primitives where the arithmetic expression for buffer allocations may include unvalidated data\n\nUse grub_calloc for overflow check and return NULL when it would occur\n\nUse gcc-9 compiler for overflow check builtins\n\nBackport gcc-9 build fixes\n\nFix packed-not-aligned error on GCC 8 (bsc#1084632)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.2, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}, "published": "2020-07-30T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : grub2 (SUSE-SU-2020:2079-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10713", "CVE-2020-14308", "CVE-2020-14309", "CVE-2020-14310", "CVE-2020-14311", "CVE-2020-15706", "CVE-2020-15707"], "modified": "2022-05-12T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:grub2", "p-cpe:/a:novell:suse_linux:grub2-debuginfo", "p-cpe:/a:novell:suse_linux:grub2-debugsource", "p-cpe:/a:novell:suse_linux:grub2-i386-pc", "p-cpe:/a:novell:suse_linux:grub2-s390x-emu", "p-cpe:/a:novell:suse_linux:grub2-x86_64-efi", "p-cpe:/a:novell:suse_linux:grub2-x86_64-xen", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2020-2079-1.NASL", "href": "https://www.tenable.com/plugins/nessus/139178", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:2079-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(139178);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\n \"CVE-2020-10713\",\n \"CVE-2020-14308\",\n \"CVE-2020-14309\",\n \"CVE-2020-14310\",\n \"CVE-2020-14311\",\n \"CVE-2020-15706\",\n \"CVE-2020-15707\"\n );\n script_xref(name:\"IAVA\", value:\"2020-A-0349\");\n\n script_name(english:\"SUSE SLES12 Security Update : grub2 (SUSE-SU-2020:2079-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for grub2 fixes the following issues :\n\nFix for CVE-2020-10713 (bsc#1168994)\n\nFix for CVE-2020-14308 CVE-2020-14309, CVE-2020-14310, CVE-2020-14311\n(bsc#1173812)\n\nFix for CVE-2020-15706 (bsc#1174463)\n\nFix for CVE-2020-15707 (bsc#1174570)\n\nUse overflow checking primitives where the arithmetic expression for\nbuffer allocations may include unvalidated data\n\nUse grub_calloc for overflow check and return NULL when it would occur\n\nUse gcc-9 compiler for overflow check builtins\n\nBackport gcc-9 build fixes\n\nFix packed-not-aligned error on GCC 8 (bsc#1084632)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1084632\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168994\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1173812\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1174463\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1174570\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-10713/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-14308/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-14309/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-14310/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-14311/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-15706/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-15707/\");\n # https://www.suse.com/support/update/announcement/2020/suse-su-20202079-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?03fdfd67\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud Crowbar 8 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2020-2079=1\n\nSUSE OpenStack Cloud 8 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-8-2020-2079=1\n\nSUSE Linux Enterprise Server for SAP 12-SP3 :\n\nzypper in -t patch SUSE-SLE-SAP-12-SP3-2020-2079=1\n\nSUSE Linux Enterprise Server 12-SP3-LTSS :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP3-2020-2079=1\n\nSUSE Linux Enterprise Server 12-SP3-BCL :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP3-BCL-2020-2079=1\n\nSUSE Enterprise Storage 5 :\n\nzypper in -t patch SUSE-Storage-5-2020-2079=1\n\nHPE Helion Openstack 8 :\n\nzypper in -t patch HPE-Helion-OpenStack-8-2020-2079=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14309\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-10713\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:grub2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:grub2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:grub2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:grub2-i386-pc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:grub2-s390x-emu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:grub2-x86_64-efi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:grub2-x86_64-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"grub2-i386-pc-2.02-4.53.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"grub2-x86_64-efi-2.02-4.53.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"grub2-x86_64-xen-2.02-4.53.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"s390x\", reference:\"grub2-s390x-emu-2.02-4.53.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"grub2-2.02-4.53.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"grub2-debuginfo-2.02-4.53.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"grub2-debugsource-2.02-4.53.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"grub2\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-31T15:35:44", "description": "The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2020:14440-1 advisory.\n\n - A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper the GRUB verification process. This flaw also allows the bypass of Secure Boot protections. In order to load an untrusted or modified kernel, an attacker would first need to establish access to the system such as gaining physical access, obtain the ability to alter a pxe-boot network, or have remote access to a networked system with root access. With this access, an attacker could then craft a string to cause a buffer overflow by injecting a malicious payload that leads to arbitrary code execution within GRUB. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2020-10713)\n\n - In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This leads the function to return invalid memory allocations which can be further used to cause possible integrity, confidentiality and availability impacts during the boot process. (CVE-2020-14308)\n\n - There's an issue with grub2 in all versions before 2.06 when handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size. The name size leads to an arithmetic overflow leading to a zero-size allocation further causing a heap-based buffer overflow with attacker controlled data. (CVE-2020-14309)\n\n - There is an issue on grub2 before version 2.06 at function read_section_as_string(). It expects a font name to be at max UINT32_MAX - 1 length in bytes but it doesn't verify it before proceed with buffer allocation to read the value from the font value. An attacker may leverage that by crafting a malicious font file which has a name with UINT32_MAX, leading to read_section_as_string() to an arithmetic overflow, zero-sized allocation and further heap-based buffer overflow. (CVE-2020-14310)\n\n - There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. A filesystem containing a symbolic link with an inode size of UINT32_MAX causes an arithmetic overflow leading to a zero-sized memory allocation with subsequent heap-based buffer overflow. (CVE-2020-14311)\n\n - GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2 version 2.04 and prior versions. (CVE-2020-15706)\n\n - Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow. These could be triggered by an extremely large number of arguments to the initrd command on 32-bit architectures, or a crafted filesystem with very large files on any architecture. An attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. This issue affects GRUB2 version 2.04 and prior versions. (CVE-2020-15707)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.2, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}, "published": "2021-06-10T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : grub2 (SUSE-SU-2020:14440-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10713", "CVE-2020-14308", "CVE-2020-14309", "CVE-2020-14310", "CVE-2020-14311", "CVE-2020-15706", "CVE-2020-15707"], "modified": "2022-05-09T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:grub2-x86_64-efi", "p-cpe:/a:novell:suse_linux:grub2-x86_64-xen", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2020-14440-1.NASL", "href": "https://www.tenable.com/plugins/nessus/150632", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2020:14440-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150632);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2020-10713\",\n \"CVE-2020-14308\",\n \"CVE-2020-14309\",\n \"CVE-2020-14310\",\n \"CVE-2020-14311\",\n \"CVE-2020-15706\",\n \"CVE-2020-15707\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2020:14440-1\");\n script_xref(name:\"IAVA\", value:\"2020-A-0349\");\n\n script_name(english:\"SUSE SLES11 Security Update : grub2 (SUSE-SU-2020:14440-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2020:14440-1 advisory.\n\n - A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper\n the GRUB verification process. This flaw also allows the bypass of Secure Boot protections. In order to\n load an untrusted or modified kernel, an attacker would first need to establish access to the system such\n as gaining physical access, obtain the ability to alter a pxe-boot network, or have remote access to a\n networked system with root access. With this access, an attacker could then craft a string to cause a\n buffer overflow by injecting a malicious payload that leads to arbitrary code execution within GRUB. The\n highest threat from this vulnerability is to data confidentiality and integrity as well as system\n availability. (CVE-2020-10713)\n\n - In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on\n the requested allocation size. This leads the function to return invalid memory allocations which can be\n further used to cause possible integrity, confidentiality and availability impacts during the boot\n process. (CVE-2020-14308)\n\n - There's an issue with grub2 in all versions before 2.06 when handling squashfs filesystems containing a\n symbolic link with name length of UINT32 bytes in size. The name size leads to an arithmetic overflow\n leading to a zero-size allocation further causing a heap-based buffer overflow with attacker controlled\n data. (CVE-2020-14309)\n\n - There is an issue on grub2 before version 2.06 at function read_section_as_string(). It expects a font\n name to be at max UINT32_MAX - 1 length in bytes but it doesn't verify it before proceed with buffer\n allocation to read the value from the font value. An attacker may leverage that by crafting a malicious\n font file which has a name with UINT32_MAX, leading to read_section_as_string() to an arithmetic overflow,\n zero-sized allocation and further heap-based buffer overflow. (CVE-2020-14310)\n\n - There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. A filesystem\n containing a symbolic link with an inode size of UINT32_MAX causes an arithmetic overflow leading to a\n zero-sized memory allocation with subsequent heap-based buffer overflow. (CVE-2020-14311)\n\n - GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability\n which can be triggered by redefining a function whilst the same function is already executing, leading to\n arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2 version 2.04 and\n prior versions. (CVE-2020-15706)\n\n - Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux\n component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2\n upstream), leading to a heap-based buffer overflow. These could be triggered by an extremely large number\n of arguments to the initrd command on 32-bit architectures, or a crafted filesystem with very large files\n on any architecture. An attacker could use this to execute arbitrary code and bypass UEFI Secure Boot\n restrictions. This issue affects GRUB2 version 2.04 and prior versions. (CVE-2020-15707)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1084632\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1168994\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1173812\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1174463\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1174570\");\n # https://lists.suse.com/pipermail/sle-security-updates/2020-July/007201.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c4a207db\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-10713\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-14308\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-14309\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-14310\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-14311\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-15706\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-15707\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected grub2-x86_64-efi and / or grub2-x86_64-xen packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14309\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-10713\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:grub2-x86_64-efi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:grub2-x86_64-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES11', 'SUSE ' + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\npkgs = [\n {'reference':'grub2-x86_64-efi-2.00-0.66.15', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'grub2-x86_64-xen-2.00-0.66.15', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'grub2-x86_64-efi-2.00-0.66.15', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},\n {'reference':'grub2-x86_64-xen-2.00-0.66.15', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n exists_check = NULL;\n rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release && exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n else if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'grub2-x86_64-efi / grub2-x86_64-xen');\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-31T16:36:23", "description": "Several vulnerabilities have been discovered in the GRUB2 bootloader.\n\n - CVE-2020-10713 A flaw in the grub.cfg parsing code was found allowing to break UEFI Secure Boot and load arbitrary code.\n Details can be found at https://www.eclypsium.com/2020/07/29/theres-a-hole-in-th e-boot/\n\n - CVE-2020-14308 It was discovered that grub_malloc does not validate the allocation size allowing for arithmetic overflow and subsequently a heap-based buffer overflow.\n\n - CVE-2020-14309 An integer overflow in grub_squash_read_symlink may lead to a heap based buffer overflow.\n\n - CVE-2020-14310 An integer overflow in read_section_from_string may lead to a heap based buffer overflow.\n\n - CVE-2020-14311 An integer overflow in grub_ext2_read_link may lead to a heap-based buffer overflow.\n\n - CVE-2020-15706 script: Avoid a use-after-free when redefining a function during execution.\n\n - CVE-2020-15707 An integer overflow flaw was found in the initrd size handling.\n\nFurther detailed information can be found at https://www.debian.org/security/2020-GRUB-UEFI-SecureBoot", "cvss3": {"score": 8.2, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}, "published": "2020-07-30T00:00:00", "type": "nessus", "title": "Debian DSA-4735-1 : grub2 - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10713", "CVE-2020-14308", "CVE-2020-14309", "CVE-2020-14310", "CVE-2020-14311", "CVE-2020-15706", "CVE-2020-15707"], "modified": "2022-05-13T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:grub2", "cpe:/o:debian:debian_linux:10.0"], "id": "DEBIAN_DSA-4735.NASL", "href": "https://www.tenable.com/plugins/nessus/139099", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4735. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(139099);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/13\");\n\n script_cve_id(\"CVE-2020-10713\", \"CVE-2020-14308\", \"CVE-2020-14309\", \"CVE-2020-14310\", \"CVE-2020-14311\", \"CVE-2020-15706\", \"CVE-2020-15707\");\n script_xref(name:\"DSA\", value:\"4735\");\n script_xref(name:\"IAVA\", value:\"2020-A-0349\");\n\n script_name(english:\"Debian DSA-4735-1 : grub2 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Several vulnerabilities have been discovered in the GRUB2 bootloader.\n\n - CVE-2020-10713\n A flaw in the grub.cfg parsing code was found allowing\n to break UEFI Secure Boot and load arbitrary code.\n Details can be found at\n https://www.eclypsium.com/2020/07/29/theres-a-hole-in-th\n e-boot/\n\n - CVE-2020-14308\n It was discovered that grub_malloc does not validate the\n allocation size allowing for arithmetic overflow and\n subsequently a heap-based buffer overflow.\n\n - CVE-2020-14309\n An integer overflow in grub_squash_read_symlink may lead\n to a heap based buffer overflow.\n\n - CVE-2020-14310\n An integer overflow in read_section_from_string may lead\n to a heap based buffer overflow.\n\n - CVE-2020-14311\n An integer overflow in grub_ext2_read_link may lead to a\n heap-based buffer overflow.\n\n - CVE-2020-15706\n script: Avoid a use-after-free when redefining a\n function during execution.\n\n - CVE-2020-15707\n An integer overflow flaw was found in the initrd size\n handling.\n\nFurther detailed information can be found at\nhttps://www.debian.org/security/2020-GRUB-UEFI-SecureBoot\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2020-10713\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2020-14308\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2020-14309\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2020-14310\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2020-14311\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2020-15706\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2020-15707\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2020-GRUB-UEFI-SecureBoot\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/grub2\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/buster/grub2\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2020/dsa-4735\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade the grub2 packages.\n\nFor the stable distribution (buster), these problems have been fixed\nin version 2.02+dfsg1-20+deb10u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14309\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:grub2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"10.0\", prefix:\"grub-common\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"grub-coreboot\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"grub-coreboot-bin\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"grub-coreboot-dbg\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"grub-efi\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"grub-efi-amd64\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"grub-efi-amd64-bin\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"grub-efi-amd64-dbg\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"grub-efi-amd64-signed-template\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"grub-efi-arm\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"grub-efi-arm-bin\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"grub-efi-arm-dbg\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"grub-efi-arm64\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"grub-efi-arm64-bin\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"grub-efi-arm64-dbg\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"grub-efi-arm64-signed-template\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"grub-efi-ia32\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"grub-efi-ia32-bin\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"grub-efi-ia32-dbg\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"grub-efi-ia32-signed-template\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"grub-emu\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"grub-emu-dbg\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"grub-firmware-qemu\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"grub-ieee1275\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"grub-ieee1275-bin\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"grub-ieee1275-dbg\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"grub-linuxbios\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"grub-mount-udeb\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"grub-pc\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"grub-pc-bin\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"grub-pc-dbg\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"grub-rescue-pc\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"grub-theme-starfield\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"grub-uboot\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"grub-uboot-bin\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"grub-uboot-dbg\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"grub-xen\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"grub-xen-bin\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"grub-xen-dbg\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"grub-xen-host\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"grub-yeeloong\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"grub-yeeloong-bin\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"grub-yeeloong-dbg\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"grub2\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"grub2-common\", reference:\"2.02+dfsg1-20+deb10u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-31T16:34:51", "description": "This update for grub2 fixes the following issues :\n\nFix for CVE-2020-10713 (bsc#1168994)\n\nFix for CVE-2020-14308 CVE-2020-14309, CVE-2020-14310, CVE-2020-14311 (bsc#1173812)\n\nFix for CVE-2020-15706 (bsc#1174463)\n\nFix for CVE-2020-15707 (bsc#1174570)\n\nUse overflow checking primitives where the arithmetic expression for buffer allocations may include unvalidated data\n\nUse grub_calloc for overflow check and return NULL when it would occur\n\nUse gcc-9 compiler for overflow check builtins\n\nBackport gcc-9 build fixes\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.2, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}, "published": "2020-07-30T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : grub2 (SUSE-SU-2020:2078-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10713", "CVE-2020-14308", "CVE-2020-14309", "CVE-2020-14310", "CVE-2020-14311", "CVE-2020-15706", "CVE-2020-15707"], "modified": "2022-05-12T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:grub2", "p-cpe:/a:novell:suse_linux:grub2-debuginfo", "p-cpe:/a:novell:suse_linux:grub2-debugsource", "p-cpe:/a:novell:suse_linux:grub2-i386-pc", "p-cpe:/a:novell:suse_linux:grub2-s390x-emu", "p-cpe:/a:novell:suse_linux:grub2-x86_64-efi", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2020-2078-1.NASL", "href": "https://www.tenable.com/plugins/nessus/139177", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:2078-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(139177);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\n \"CVE-2020-10713\",\n \"CVE-2020-14308\",\n \"CVE-2020-14309\",\n \"CVE-2020-14310\",\n \"CVE-2020-14311\",\n \"CVE-2020-15706\",\n \"CVE-2020-15707\"\n );\n script_xref(name:\"IAVA\", value:\"2020-A-0349\");\n\n script_name(english:\"SUSE SLES12 Security Update : grub2 (SUSE-SU-2020:2078-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for grub2 fixes the following issues :\n\nFix for CVE-2020-10713 (bsc#1168994)\n\nFix for CVE-2020-14308 CVE-2020-14309, CVE-2020-14310, CVE-2020-14311\n(bsc#1173812)\n\nFix for CVE-2020-15706 (bsc#1174463)\n\nFix for CVE-2020-15707 (bsc#1174570)\n\nUse overflow checking primitives where the arithmetic expression for\nbuffer allocations may include unvalidated data\n\nUse grub_calloc for overflow check and return NULL when it would occur\n\nUse gcc-9 compiler for overflow check builtins\n\nBackport gcc-9 build fixes\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168994\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1173812\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1174463\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1174570\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-10713/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-14308/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-14309/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-14310/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-14311/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-15706/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-15707/\");\n # https://www.suse.com/support/update/announcement/2020/suse-su-20202078-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?327c02b3\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud Crowbar 9 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-Crowbar-9-2020-2078=1\n\nSUSE OpenStack Cloud 9 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-9-2020-2078=1\n\nSUSE Linux Enterprise Server for SAP 12-SP4 :\n\nzypper in -t patch SUSE-SLE-SAP-12-SP4-2020-2078=1\n\nSUSE Linux Enterprise Server 12-SP5 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-2078=1\n\nSUSE Linux Enterprise Server 12-SP4-LTSS :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP4-LTSS-2020-2078=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14309\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-10713\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:grub2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:grub2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:grub2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:grub2-i386-pc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:grub2-s390x-emu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:grub2-x86_64-efi\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(4|5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP4/5\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"grub2-i386-pc-2.02-12.31.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"grub2-x86_64-efi-2.02-12.31.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"s390x\", reference:\"grub2-s390x-emu-2.02-12.31.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"grub2-2.02-12.31.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"grub2-debuginfo-2.02-12.31.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"grub2-debugsource-2.02-12.31.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", cpu:\"x86_64\", reference:\"grub2-i386-pc-2.02-12.31.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", cpu:\"x86_64\", reference:\"grub2-x86_64-efi-2.02-12.31.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", cpu:\"s390x\", reference:\"grub2-s390x-emu-2.02-12.31.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"grub2-2.02-12.31.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"grub2-debuginfo-2.02-12.31.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"grub2-debugsource-2.02-12.31.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"grub2\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-01T17:15:08", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3273 advisory.\n\n - grub2: Crafted grub.cfg file can lead to arbitrary code execution during boot process (CVE-2020-10713)\n\n - grub2: grub_malloc does not validate allocation size allowing for arithmetic overflow and subsequent heap- based buffer overflow (CVE-2020-14308)\n\n - grub2: Integer overflow in grub_squash_read_symlink may lead to heap-based buffer overflow (CVE-2020-14309)\n\n - grub2: Integer overflow read_section_as_string may lead to heap-based buffer overflow (CVE-2020-14310)\n\n - grub2: Integer overflow in grub_ext2_read_link leads to heap-based buffer overflow (CVE-2020-14311)\n\n - grub2: Fail kernel validation without shim protocol (CVE-2020-15705)\n\n - grub2: Use-after-free redefining a function whilst the same function is already executing (CVE-2020-15706)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.2, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}, "published": "2020-08-03T00:00:00", "type": "nessus", "title": "RHEL 7 : grub2 (RHSA-2020:3273)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10713", "CVE-2020-14308", "CVE-2020-14309", "CVE-2020-14310", "CVE-2020-14311", "CVE-2020-15705", "CVE-2020-15706"], "modified": "2022-05-12T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:7.2", "p-cpe:/a:redhat:enterprise_linux:grub2", "p-cpe:/a:redhat:enterprise_linux:grub2-common", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-aa64-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32-cdboot", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64-cdboot", "p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-pc", "p-cpe:/a:redhat:enterprise_linux:grub2-pc-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-ppc-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-ppc64-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-ppc64le-modules", "p-cpe:/a:redhat:enterprise_linux:grub2-tools", "p-cpe:/a:redhat:enterprise_linux:grub2-tools-extra", "p-cpe:/a:redhat:enterprise_linux:grub2-tools-minimal", "p-cpe:/a:redhat:enterprise_linux:mokutil", "p-cpe:/a:redhat:enterprise_linux:shim", "p-cpe:/a:redhat:enterprise_linux:shim-unsigned-ia32", "p-cpe:/a:redhat:enterprise_linux:shim-unsigned-x64"], "id": "REDHAT-RHSA-2020-3273.NASL", "href": "https://www.tenable.com/plugins/nessus/139284", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:3273. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(139284);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\n \"CVE-2020-10713\",\n \"CVE-2020-14308\",\n \"CVE-2020-14309\",\n \"CVE-2020-14310\",\n \"CVE-2020-14311\",\n \"CVE-2020-15705\",\n \"CVE-2020-15706\"\n );\n script_xref(name:\"RHSA\", value:\"2020:3273\");\n script_xref(name:\"IAVA\", value:\"2020-A-0349\");\n\n script_name(english:\"RHEL 7 : grub2 (RHSA-2020:3273)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:3273 advisory.\n\n - grub2: Crafted grub.cfg file can lead to arbitrary code execution during boot process (CVE-2020-10713)\n\n - grub2: grub_malloc does not validate allocation size allowing for arithmetic overflow and subsequent heap-\n based buffer overflow (CVE-2020-14308)\n\n - grub2: Integer overflow in grub_squash_read_symlink may lead to heap-based buffer overflow\n (CVE-2020-14309)\n\n - grub2: Integer overflow read_section_as_string may lead to heap-based buffer overflow (CVE-2020-14310)\n\n - grub2: Integer overflow in grub_ext2_read_link leads to heap-based buffer overflow (CVE-2020-14311)\n\n - grub2: Fail kernel validation without shim protocol (CVE-2020-15705)\n\n - grub2: Use-after-free redefining a function whilst the same function is already executing (CVE-2020-15706)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/78.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/122.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/190.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/416.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/440.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/787.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-10713\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-14308\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-14309\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-14310\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-14311\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-15705\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-15706\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:3273\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1825243\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1852009\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1852014\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1852022\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1852030\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1860978\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1861118\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14309\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-10713\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(78, 122, 190, 416, 440, 787);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-aa64-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32-cdboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-ia32-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64-cdboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-efi-x64-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-pc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-pc-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-ppc-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-ppc64-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-ppc64le-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-tools-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:grub2-tools-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mokutil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:shim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:shim-unsigned-ia32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:shim-unsigned-x64\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '7.2')) audit(AUDIT_OS_NOT, 'Red Hat 7.2', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'rhel_aus_7_2_server': [\n 'rhel-7-server-aus-debug-rpms',\n 'rhel-7-server-aus-debug-rpms__7_DOT_2__x86_64',\n 'rhel-7-server-aus-optional-debug-rpms',\n 'rhel-7-server-aus-optional-debug-rpms__7_DOT_2__x86_64',\n 'rhel-7-server-aus-optional-rpms',\n 'rhel-7-server-aus-optional-rpms__7_DOT_2__x86_64',\n 'rhel-7-server-aus-optional-source-rpms',\n 'rhel-7-server-aus-optional-source-rpms__7_DOT_2__x86_64',\n 'rhel-7-server-aus-rpms',\n 'rhel-7-server-aus-rpms__7_DOT_2__x86_64',\n 'rhel-7-server-aus-source-rpms',\n 'rhel-7-server-aus-source-rpms__7_DOT_2__x86_64'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'grub2-2.02-0.86.el7_2', 'sp':'2', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_2_server']},\n {'reference':'grub2-common-2.02-0.86.el7_2', 'sp':'2', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_2_server']},\n {'reference':'grub2-efi-aa64-modules-2.02-0.86.el7_2', 'sp':'2', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_2_server']},\n {'reference':'grub2-efi-ia32-2.02-0.86.el7_2', 'sp':'2', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_2_server']},\n {'reference':'grub2-efi-ia32-cdboot-2.02-0.86.el7_2', 'sp':'2', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_2_server']},\n {'reference':'grub2-efi-ia32-modules-2.02-0.86.el7_2', 'sp':'2', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_2_server']},\n {'reference':'grub2-efi-x64-2.02-0.86.el7_2', 'sp':'2', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_2_server']},\n {'reference':'grub2-efi-x64-cdboot-2.02-0.86.el7_2', 'sp':'2', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_2_server']},\n {'reference':'grub2-efi-x64-modules-2.02-0.86.el7_2', 'sp':'2', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_2_server']},\n {'reference':'grub2-pc-2.02-0.86.el7_2', 'sp':'2', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_2_server']},\n {'reference':'grub2-pc-modules-2.02-0.86.el7_2', 'sp':'2', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_2_server']},\n {'reference':'grub2-ppc-modules-2.02-0.86.el7_2', 'sp':'2', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_2_server']},\n {'reference':'grub2-ppc64-modules-2.02-0.86.el7_2', 'sp':'2', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_2_server']},\n {'reference':'grub2-ppc64le-modules-2.02-0.86.el7_2', 'sp':'2', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_2_server']},\n {'reference':'grub2-tools-2.02-0.86.el7_2', 'sp':'2', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_2_server']},\n {'reference':'grub2-tools-extra-2.02-0.86.el7_2', 'sp':'2', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_2_server']},\n {'reference':'grub2-tools-minimal-2.02-0.86.el7_2', 'sp':'2', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['rhel_aus_7_2_server']},\n {'reference':'mokutil-15-8.el7_2', 'sp':'2', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_2_server']},\n {'reference':'shim-15-8.el7_2', 'sp':'2', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_2_server']},\n {'reference':'shim-unsigned-ia32-15-8.el7', 'sp':'2', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_2_server']},\n {'reference':'shim-unsigned-x64-15-8.el7', 'sp':'2', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_7_2_server']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support repository.\\n' +\n 'Access to this repository requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'grub2 / grub2-common / grub2-efi-aa64-modules / grub2-efi-ia32 / etc');\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-24T14:49:01", "description": "According to the versions of the grub2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - The GRand Unified Bootloader (GRUB) is a highly configurable and customizable bootloader with modular architecture. It supports a rich variety of kernel formats, file systems, computer architectures and hardware devices.Security Fix(es):There's an issue with grub2 in all versions before 2.06 when handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size. The name size leads to an arithmetic overflow leading to a zero-size allocation further causing a heap-based buffer overflow with attacker controlled data.(CVE-2020-14309)There is an issue on grub2 before version 2.06 at function read_section_as_string(). It expects a font name to be at max UINT32_MAX - 1 length in bytes but it doesn't verify it before proceed with buffer allocation to read the value from the font value. An attacker may leverage that by crafting a malicious font file which has a name with UINT32_MAX, leading to read_section_as_string() to an arithmetic overflow, zero-sized allocation and further heap-based buffer overflow.(CVE-2020-14310)There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. A filesystem containing a symbolic link with an inode size of UINT32_MAX causes an arithmetic overflow leading to a zero-sized memory allocation with subsequent heap-based buffer overflow.(CVE-2020-14311)GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2 version 2.04 and prior versions.(CVE-2020-15706)Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow. These could be triggered by an extremely large number of arguments to the initrd command on 32-bit architectures, or a crafted filesystem with very large files on any architecture. An attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. This issue affects GRUB2 version 2.04 and prior versions.(CVE-2020-15707)In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This leads the function to return invalid memory allocations which can be further used to cause possible integrity, confidentiality and availability impacts during the boot process.(CVE-2020-14308)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 6.7, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-08-28T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : grub2 (EulerOS-SA-2020-1853)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-14308", "CVE-2020-14309", "CVE-2020-14310", "CVE-2020-14311", "CVE-2020-15706", "CVE-2020-15707"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:grub2-common", "p-cpe:/a:huawei:euleros:grub2-efi-aa64", "p-cpe:/a:huawei:euleros:grub2-efi-aa64-cdboot", "p-cpe:/a:huawei:euleros:grub2-efi-aa64-modules", "p-cpe:/a:huawei:euleros:grub2-tools", "p-cpe:/a:huawei:euleros:grub2-tools-extra", "p-cpe:/a:huawei:euleros:grub2-tools-minimal", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-1853.NASL", "href": "https://www.tenable.com/plugins/nessus/139956", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(139956);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2020-14308\",\n \"CVE-2020-14309\",\n \"CVE-2020-14310\",\n \"CVE-2020-14311\",\n \"CVE-2020-15706\",\n \"CVE-2020-15707\"\n );\n script_xref(name:\"IAVA\", value:\"2020-A-0349\");\n\n script_name(english:\"EulerOS 2.0 SP8 : grub2 (EulerOS-SA-2020-1853)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the grub2 packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - The GRand Unified Bootloader (GRUB) is a highly\n configurable and customizable bootloader with modular\n architecture. It supports a rich variety of kernel\n formats, file systems, computer architectures and\n hardware devices.Security Fix(es):There's an issue with\n grub2 in all versions before 2.06 when handling\n squashfs filesystems containing a symbolic link with\n name length of UINT32 bytes in size. The name size\n leads to an arithmetic overflow leading to a zero-size\n allocation further causing a heap-based buffer overflow\n with attacker controlled data.(CVE-2020-14309)There is\n an issue on grub2 before version 2.06 at function\n read_section_as_string(). It expects a font name to be\n at max UINT32_MAX - 1 length in bytes but it doesn't\n verify it before proceed with buffer allocation to read\n the value from the font value. An attacker may leverage\n that by crafting a malicious font file which has a name\n with UINT32_MAX, leading to read_section_as_string() to\n an arithmetic overflow, zero-sized allocation and\n further heap-based buffer\n overflow.(CVE-2020-14310)There is an issue with grub2\n before version 2.06 while handling symlink on ext\n filesystems. A filesystem containing a symbolic link\n with an inode size of UINT32_MAX causes an arithmetic\n overflow leading to a zero-sized memory allocation with\n subsequent heap-based buffer\n overflow.(CVE-2020-14311)GRUB2 contains a race\n condition in grub_script_function_create() leading to a\n use-after-free vulnerability which can be triggered by\n redefining a function whilst the same function is\n already executing, leading to arbitrary code execution\n and secure boot restriction bypass. This issue affects\n GRUB2 version 2.04 and prior\n versions.(CVE-2020-15706)Integer overflows were\n discovered in the functions grub_cmd_initrd and\n grub_initrd_init in the efilinux component of GRUB2, as\n shipped in Debian, Red Hat, and Ubuntu (the\n functionality is not included in GRUB2 upstream),\n leading to a heap-based buffer overflow. These could be\n triggered by an extremely large number of arguments to\n the initrd command on 32-bit architectures, or a\n crafted filesystem with very large files on any\n architecture. An attacker could use this to execute\n arbitrary code and bypass UEFI Secure Boot\n restrictions. This issue affects GRUB2 version 2.04 and\n prior versions.(CVE-2020-15707)In grub2 versions before\n 2.06 the grub memory allocator doesn't check for\n possible arithmetic overflows on the requested\n allocation size. This leads the function to return\n invalid memory allocations which can be further used to\n cause possible integrity, confidentiality and\n availability impacts during the boot\n process.(CVE-2020-14308)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1853\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?544eb392\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected grub2 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:grub2-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:grub2-efi-aa64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:grub2-efi-aa64-cdboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:grub2-efi-aa64-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:grub2-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:grub2-tools-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:grub2-tools-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"grub2-common-2.02-62.h25.eulerosv2r8\",\n \"grub2-efi-aa64-2.02-62.h25.eulerosv2r8\",\n \"grub2-efi-aa64-cdboot-2.02-62.h25.eulerosv2r8\",\n \"grub2-efi-aa64-modules-2.02-62.h25.eulerosv2r8\",\n \"grub2-tools-2.02-62.h25.eulerosv2r8\",\n \"grub2-tools-extra-2.02-62.h25.eulerosv2r8\",\n \"grub2-tools-minimal-2.02-62.h25.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"grub2\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-02-10T00:00:00", "description": "The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4992-1 advisory.\n\n - A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table (SSDT) containing code to overwrite the Linux kernel lockdown variable content directly into memory. The table is further loaded and executed by the kernel, defeatin