Lucene search
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.AL2023_ALAS2023-2024-573.NASLHistoryMar 21, 2024 - 12:00 a.m.
Amazon Linux 2023 : python3-rpm, rpm, rpm-apidocs (ALAS2023-2024-573)
2024-03-2100:00:00
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
10
amazon linux 2023
python3-rpm
rpm
rpm-apidocs
alas2023-2024-573
vulnerability
race condition
symbolic link
data confidentiality
integrity
system availability
incomplete fix
7.5 High
AI Score
Confidence
Low
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-573 advisory.
-
A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2021-35937)
-
A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
(CVE-2021-35938) -
It was found that the fix for CVE-2017-7500 and CVE-2017-7501 was incomplete: the check was only implemented for the parent directory of the file to be created. A local unprivileged user who owns another ancestor directory could potentially use this flaw to gain root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2021-35939)
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Amazon Linux 2023 Security Advisory ALAS2023-2024-573.
##
include('compat.inc');
if (description)
{
script_id(192453);
script_version("1.1");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/03/22");
script_cve_id("CVE-2021-35937", "CVE-2021-35938", "CVE-2021-35939");
script_name(english:"Amazon Linux 2023 : python3-rpm, rpm, rpm-apidocs (ALAS2023-2024-573)");
script_set_attribute(attribute:"synopsis", value:
"The remote Amazon Linux 2023 host is missing a security update.");
script_set_attribute(attribute:"description", value:
"It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-573 advisory.
- A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass
the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root
privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as
system availability. (CVE-2021-35937)
- A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials
after installing a file. A local unprivileged user could use this flaw to exchange the original file with
a symbolic link to a security-critical file and escalate their privileges on the system. The highest
threat from this vulnerability is to data confidentiality and integrity as well as system availability.
(CVE-2021-35938)
- It was found that the fix for CVE-2017-7500 and CVE-2017-7501 was incomplete: the check was only
implemented for the parent directory of the file to be created. A local unprivileged user who owns another
ancestor directory could potentially use this flaw to gain root privileges. The highest threat from this
vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2021-35939)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/AL2023/ALAS-2024-573.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2021-35937.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2021-35938.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2021-35939.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/faqs.html");
script_set_attribute(attribute:"solution", value:
"Run 'dnf update rpm --releasever 2023.4.20240319' to update your system.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:M/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-35939");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2022/08/25");
script_set_attribute(attribute:"patch_publication_date", value:"2024/03/13");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/03/21");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:python3-rpm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:python3-rpm-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:rpm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:rpm-apidocs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:rpm-build");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:rpm-build-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:rpm-build-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:rpm-build-libs-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:rpm-cron");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:rpm-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:rpm-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:rpm-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:rpm-devel-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:rpm-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:rpm-libs-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:rpm-plugin-audit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:rpm-plugin-audit-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:rpm-plugin-fapolicyd");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:rpm-plugin-fapolicyd-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:rpm-plugin-ima");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:rpm-plugin-ima-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:rpm-plugin-prioreset");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:rpm-plugin-prioreset-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:rpm-plugin-selinux");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:rpm-plugin-selinux-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:rpm-plugin-syslog");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:rpm-plugin-syslog-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:rpm-plugin-systemd-inhibit");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:rpm-plugin-systemd-inhibit-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:rpm-sign");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:rpm-sign-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:rpm-sign-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:rpm-sign-libs-debuginfo");
script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux:2023");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Amazon Linux Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");
exit(0);
}
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var alas_release = get_kb_item("Host/AmazonLinux/release");
if (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, "Amazon Linux");
var os_ver = pregmatch(pattern: "^AL(A|\d+|-\d+)", string:alas_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
os_ver = os_ver[1];
if (os_ver != "-2023")
{
if (os_ver == 'A') os_ver = 'AMI';
audit(AUDIT_OS_NOT, "Amazon Linux 2023", "Amazon Linux " + os_ver);
}
if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
var pkgs = [
{'reference':'python3-rpm-4.16.1.3-29.amzn2023.0.6', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python3-rpm-4.16.1.3-29.amzn2023.0.6', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python3-rpm-debuginfo-4.16.1.3-29.amzn2023.0.6', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python3-rpm-debuginfo-4.16.1.3-29.amzn2023.0.6', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-4.16.1.3-29.amzn2023.0.6', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-4.16.1.3-29.amzn2023.0.6', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-apidocs-4.16.1.3-29.amzn2023.0.6', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-build-4.16.1.3-29.amzn2023.0.6', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-build-4.16.1.3-29.amzn2023.0.6', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-build-debuginfo-4.16.1.3-29.amzn2023.0.6', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-build-debuginfo-4.16.1.3-29.amzn2023.0.6', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-build-libs-4.16.1.3-29.amzn2023.0.6', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-build-libs-4.16.1.3-29.amzn2023.0.6', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-build-libs-debuginfo-4.16.1.3-29.amzn2023.0.6', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-build-libs-debuginfo-4.16.1.3-29.amzn2023.0.6', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-cron-4.16.1.3-29.amzn2023.0.6', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-debuginfo-4.16.1.3-29.amzn2023.0.6', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-debuginfo-4.16.1.3-29.amzn2023.0.6', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-debugsource-4.16.1.3-29.amzn2023.0.6', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-debugsource-4.16.1.3-29.amzn2023.0.6', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-devel-4.16.1.3-29.amzn2023.0.6', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-devel-4.16.1.3-29.amzn2023.0.6', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-devel-debuginfo-4.16.1.3-29.amzn2023.0.6', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-devel-debuginfo-4.16.1.3-29.amzn2023.0.6', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-libs-4.16.1.3-29.amzn2023.0.6', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-libs-4.16.1.3-29.amzn2023.0.6', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-libs-debuginfo-4.16.1.3-29.amzn2023.0.6', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-libs-debuginfo-4.16.1.3-29.amzn2023.0.6', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-plugin-audit-4.16.1.3-29.amzn2023.0.6', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-plugin-audit-4.16.1.3-29.amzn2023.0.6', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-plugin-audit-debuginfo-4.16.1.3-29.amzn2023.0.6', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-plugin-audit-debuginfo-4.16.1.3-29.amzn2023.0.6', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-plugin-fapolicyd-4.16.1.3-29.amzn2023.0.6', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-plugin-fapolicyd-4.16.1.3-29.amzn2023.0.6', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-plugin-fapolicyd-debuginfo-4.16.1.3-29.amzn2023.0.6', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-plugin-fapolicyd-debuginfo-4.16.1.3-29.amzn2023.0.6', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-plugin-ima-4.16.1.3-29.amzn2023.0.6', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-plugin-ima-4.16.1.3-29.amzn2023.0.6', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-plugin-ima-debuginfo-4.16.1.3-29.amzn2023.0.6', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-plugin-ima-debuginfo-4.16.1.3-29.amzn2023.0.6', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-plugin-prioreset-4.16.1.3-29.amzn2023.0.6', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-plugin-prioreset-4.16.1.3-29.amzn2023.0.6', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-plugin-prioreset-debuginfo-4.16.1.3-29.amzn2023.0.6', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-plugin-prioreset-debuginfo-4.16.1.3-29.amzn2023.0.6', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-plugin-selinux-4.16.1.3-29.amzn2023.0.6', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-plugin-selinux-4.16.1.3-29.amzn2023.0.6', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-plugin-selinux-debuginfo-4.16.1.3-29.amzn2023.0.6', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-plugin-selinux-debuginfo-4.16.1.3-29.amzn2023.0.6', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-plugin-syslog-4.16.1.3-29.amzn2023.0.6', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-plugin-syslog-4.16.1.3-29.amzn2023.0.6', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-plugin-syslog-debuginfo-4.16.1.3-29.amzn2023.0.6', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-plugin-syslog-debuginfo-4.16.1.3-29.amzn2023.0.6', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-plugin-systemd-inhibit-4.16.1.3-29.amzn2023.0.6', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-plugin-systemd-inhibit-4.16.1.3-29.amzn2023.0.6', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-plugin-systemd-inhibit-debuginfo-4.16.1.3-29.amzn2023.0.6', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-plugin-systemd-inhibit-debuginfo-4.16.1.3-29.amzn2023.0.6', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-sign-4.16.1.3-29.amzn2023.0.6', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-sign-4.16.1.3-29.amzn2023.0.6', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-sign-debuginfo-4.16.1.3-29.amzn2023.0.6', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-sign-debuginfo-4.16.1.3-29.amzn2023.0.6', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-sign-libs-4.16.1.3-29.amzn2023.0.6', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-sign-libs-4.16.1.3-29.amzn2023.0.6', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-sign-libs-debuginfo-4.16.1.3-29.amzn2023.0.6', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rpm-sign-libs-debuginfo-4.16.1.3-29.amzn2023.0.6', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE}
];
var flag = 0;
foreach var package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
var exists_check = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "python3-rpm / python3-rpm-debuginfo / rpm / etc");
}| Vendor | Product | Version | CPE |
|---|---|---|---|
| amazon | linux | rpm | p-cpe:/a:amazon:linux:rpm |
| amazon | linux | rpm-apidocs | p-cpe:/a:amazon:linux:rpm-apidocs |
| amazon | linux | rpm-build | p-cpe:/a:amazon:linux:rpm-build |
| amazon | linux | rpm-cron | p-cpe:/a:amazon:linux:rpm-cron |
| amazon | linux | rpm-debuginfo | p-cpe:/a:amazon:linux:rpm-debuginfo |
| amazon | linux | rpm-devel | p-cpe:/a:amazon:linux:rpm-devel |
| amazon | linux | rpm-libs | p-cpe:/a:amazon:linux:rpm-libs |
| amazon | linux | rpm-build-libs | p-cpe:/a:amazon:linux:rpm-build-libs |
| amazon | linux | rpm-sign | p-cpe:/a:amazon:linux:rpm-sign |
| amazon | linux | python3-rpm | p-cpe:/a:amazon:linux:python3-rpm |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35937
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35938
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35939
alas.aws.amazon.com/AL2023/ALAS-2024-573.html
alas.aws.amazon.com/cve/html/CVE-2021-35937.html
alas.aws.amazon.com/cve/html/CVE-2021-35938.html
alas.aws.amazon.com/cve/html/CVE-2021-35939.html
alas.aws.amazon.com/faqs.html
Related
nessus
nessus
EulerOS Virtualization 2.10.1 : rpm (EulerOS-SA-2023-1153)
2023-01-10 00:00:00
AlmaLinux 8 : rpm (ALSA-2024:0647)
2024-02-02 00:00:00
EulerOS Virtualization 2.9.0 : rpm (EulerOS-SA-2023-1232)
2023-01-10 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for rpm (EulerOS-SA-2023-1174)
2023-01-12 00:00:00
Huawei EulerOS: Security Advisory for rpm (EulerOS-SA-2023-1153)
2023-01-12 00:00:00
Huawei EulerOS: Security Advisory for rpm (EulerOS-SA-2022-2776)
2022-11-14 00:00:00
osv
osv
Moderate: rpm security update
2024-02-01 00:00:00
Moderate: rpm security update
2024-02-12 20:17:16
CVE-2021-35937
2022-08-25 20:15:09
rocky
rocky
rpm security update
2024-02-12 20:17:16
redhat
redhat
(RHSA-2024:0582) Moderate: rpm security update
2024-01-30 12:53:23
(RHSA-2024:0424) Moderate: rpm security update
2024-01-24 14:40:29
(RHSA-2024:0435) Moderate: rpm security update
2024-01-24 14:40:39
almalinux
almalinux
Moderate: rpm security update
2024-02-01 00:00:00
Moderate: rpm security update
2024-01-25 00:00:00
oraclelinux
oraclelinux
rpm security update
2024-01-25 00:00:00
rpm security update
2024-02-02 00:00:00
prion
prion
Race condition
2022-08-25 20:15:00
Design/Logic Flaw
2022-08-26 16:15:00
Design/Logic Flaw
2022-08-25 20:15:00
veracode
veracode
Denial Of Service (DoS)
2022-10-01 00:52:29
Privilege Escalation
2022-08-29 04:37:38
Privilege Escalation
2022-10-01 00:52:27
alpinelinux
alpinelinux
debiancve
debiancve
redhatcve
redhatcve
ubuntucve
ubuntucve
cve
cve
redos
redos
ROS-20240410-21
2024-04-10 00:00:00
gentoo
gentoo
RPM: Multiple Vulnerabilities
2022-10-31 00:00:00
RPM: Multiple vulnerabilities
2018-11-28 00:00:00
fedora
fedora
[SECURITY] Fedora 26 Update: rpm-4.13.0.2-1.fc26
2017-11-07 22:21:47
[SECURITY] Fedora 25 Update: rpm-4.13.0.2-1.fc25
2017-11-28 17:35:50
mageia
mageia
Updated rpm package fixes security vulnerabilities
2017-10-30 22:23:17
suse
suse
Security update for rpm (moderate)
2018-10-24 15:11:26
Security update for rpm (moderate)
2018-08-06 15:17:09
freebsd
freebsd
rpm4 -- Multiple Vulnerabilities
2022-08-22 00:00:00
cbl_mariner
cbl_mariner
CVE-2021-35939 affecting package rpm 4.14.2-15
2024-05-16 16:07:09
CVE-2021-35938 affecting package rpm for versions less than 4.18.0-1
2022-10-05 23:33:44
CVE-2021-35938 affecting package rpm 4.14.2-15
2024-05-16 16:07:09
f5
f5
K03710547 : Linux RPM vulnerability CVE-2017-7501
2018-01-26 00:00:00
ibm
ibm
rosalinux
rosalinux
Advisory ROSA-SA-2021-1963
2021-07-02 18:04:36
photon
photon