| Reporter | Title | Published | Views | Family All 2741 |
|---|---|---|---|---|
| Linux i915 PTE Use-After-Free Exploit | 24 Sep 202400:00 | – | zdt | |
| LSN-0108-1: Kernel Live Patch Security Notice | 19 Dec 202411:12 | – | ubuntu | |
| LSN-0109-1: Kernel Live Patch Security Notice | 20 Feb 202510:11 | – | ubuntu | |
| USN-7004-1: Linux kernel vulnerabilities | 12 Sep 202413:23 | – | ubuntu | |
| USN-7009-1: Linux kernel vulnerabilities | 13 Sep 202411:47 | – | ubuntu | |
| USN-7009-2: Linux kernel vulnerabilities | 25 Sep 202408:27 | – | ubuntu | |
| USN-7020-1: Linux kernel vulnerabilities | 18 Sep 202415:01 | – | ubuntu | |
| USN-7020-2: Linux kernel vulnerabilities | 23 Sep 202410:23 | – | ubuntu | |
| USN-7020-3: Linux kernel vulnerabilities | 26 Sep 202410:57 | – | ubuntu | |
| USN-7020-4: Linux kernel vulnerabilities | 11 Oct 202409:09 | – | ubuntu |
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Amazon Linux 2023 Security Advisory ALAS2023-2025-864.
##
include('compat.inc');
if (description)
{
script_id(232713);
script_version("1.9");
script_set_attribute(attribute:"plugin_modification_date", value:"2026/06/27");
script_cve_id(
"CVE-2023-53037",
"CVE-2023-53320",
"CVE-2024-39472",
"CVE-2024-41042",
"CVE-2024-42159",
"CVE-2024-42258",
"CVE-2024-42259",
"CVE-2024-42268",
"CVE-2024-42269",
"CVE-2024-42270",
"CVE-2024-42276",
"CVE-2024-42281",
"CVE-2024-42283",
"CVE-2024-42285",
"CVE-2024-42292",
"CVE-2024-42299",
"CVE-2024-42302",
"CVE-2024-42304",
"CVE-2024-42305",
"CVE-2024-42306",
"CVE-2024-42307",
"CVE-2024-42312",
"CVE-2024-42316",
"CVE-2024-42321",
"CVE-2024-43817",
"CVE-2024-43823",
"CVE-2024-43828",
"CVE-2024-43830",
"CVE-2024-43834",
"CVE-2024-43837",
"CVE-2024-43853",
"CVE-2024-43854",
"CVE-2024-43855",
"CVE-2024-43856",
"CVE-2024-43869",
"CVE-2024-43870",
"CVE-2024-43871",
"CVE-2024-43873",
"CVE-2024-43882",
"CVE-2024-43883",
"CVE-2024-43889",
"CVE-2024-43893",
"CVE-2024-43894",
"CVE-2024-43914",
"CVE-2024-44934",
"CVE-2024-44935",
"CVE-2024-44944",
"CVE-2024-44948",
"CVE-2024-44958",
"CVE-2024-44965",
"CVE-2024-44970",
"CVE-2024-57947"
);
script_name(english:"Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2025-864)");
script_set_attribute(attribute:"synopsis", value:
"The remote Amazon Linux 2023 host is missing a security update.");
script_set_attribute(attribute:"description", value:
"It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-864 advisory.
In the Linux kernel, the following vulnerability has been resolved:
scsi: mpi3mr: Bad drive in topology results kernel crash (CVE-2023-53037)
In the Linux kernel, the following vulnerability has been resolved:
scsi: mpi3mr: Fix issues in mpi3mr_get_all_tgt_info() (CVE-2023-53320)
In the Linux kernel, the following vulnerability has been resolved:
xfs: fix log recovery buffer allocation for the legacy h_size fixup (CVE-2024-39472)
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_tables: prefer nft_chain_validate (CVE-2024-41042)
In the Linux kernel, the following vulnerability has been resolved:
scsi: mpi3mr: Sanitise num_phys (CVE-2024-42159)
In the Linux kernel, the following vulnerability has been resolved:
mm: huge_memory: use !CONFIG_64BIT to relax huge page alignment on 32 bit machines (CVE-2024-42258)
In the Linux kernel, the following vulnerability has been resolved:
drm/i915/gem: Fix Virtual Memory mapping boundaries calculation (CVE-2024-42259)
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5: Fix missing lock on sync reset reload (CVE-2024-42268)
In the Linux kernel, the following vulnerability has been resolved:
netfilter: iptables: Fix potential null-ptr-deref in ip6table_nat_table_init(). (CVE-2024-42269)
In the Linux kernel, the following vulnerability has been resolved:
netfilter: iptables: Fix null-ptr-deref in iptable_nat_table_init(). (CVE-2024-42270)
In the Linux kernel, the following vulnerability has been resolved:
nvme-pci: add missing condition check for existence of mapped data (CVE-2024-42276)
In the Linux kernel, the following vulnerability has been resolved:
bpf: Fix a segment issue when downgrading gso_size (CVE-2024-42281)
In the Linux kernel, the following vulnerability has been resolved:
net: nexthop: Initialize all fields in dumped nexthops (CVE-2024-42283)
In the Linux kernel, the following vulnerability has been resolved:
RDMA/iwcm: Fix a use-after-free related to destroying CM IDs (CVE-2024-42285)
In the Linux kernel, the following vulnerability has been resolved:
kobject_uevent: Fix OOB access within zap_modalias_env() (CVE-2024-42292)
In the Linux kernel, the following vulnerability has been resolved:
fs/ntfs3: Update log->page_{mask,bits} if log->page_size changed (CVE-2024-42299)
In the Linux kernel, the following vulnerability has been resolved:
PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal (CVE-2024-42302)
In the Linux kernel, the following vulnerability has been resolved:
ext4: make sure the first directory block is not a hole (CVE-2024-42304)
In the Linux kernel, the following vulnerability has been resolved:
ext4: check dot and dotdot of dx_root before making dir indexed (CVE-2024-42305)
In the Linux kernel, the following vulnerability has been resolved:
udf: Avoid using corrupted block bitmap buffer (CVE-2024-42306)
In the Linux kernel, the following vulnerability has been resolved:
cifs: fix potential null pointer use in destroy_workqueue in init_cifs error path (CVE-2024-42307)
In the Linux kernel, the following vulnerability has been resolved:
sysctl: always initialize i_uid/i_gid (CVE-2024-42312)
In the Linux kernel, the following vulnerability has been resolved:
mm/mglru: fix div-by-zero in vmpressure_calc_level() (CVE-2024-42316)
In the Linux kernel, the following vulnerability has been resolved:
net: flow_dissector: use DEBUG_NET_WARN_ON_ONCE (CVE-2024-42321)
In the Linux kernel, the following vulnerability has been resolved:
net: missing check virtio (CVE-2024-43817)
In the Linux kernel, the following vulnerability has been resolved:
PCI: keystone: Fix NULL pointer dereference in case of DT error in ks_pcie_setup_rc_app_regs()
(CVE-2024-43823)
In the Linux kernel, the following vulnerability has been resolved:
ext4: fix infinite loop when replaying fast_commit (CVE-2024-43828)
In the Linux kernel, the following vulnerability has been resolved:
leds: trigger: Unregister sysfs attributes before calling deactivate() (CVE-2024-43830)
In the Linux kernel, the following vulnerability has been resolved:
xdp: fix invalid wait context of page_pool_destroy() (CVE-2024-43834)
In the Linux kernel, the following vulnerability has been resolved:
bpf: Fix null pointer dereference in resolve_prog_type() for BPF_PROG_TYPE_EXT (CVE-2024-43837)
In the Linux kernel, the following vulnerability has been resolved:
cgroup/cpuset: Prevent UAF in proc_cpuset_show() (CVE-2024-43853)
In the Linux kernel, the following vulnerability has been resolved:
block: initialize integrity buffer to zero before writing it to media (CVE-2024-43854)
In the Linux kernel, the following vulnerability has been resolved:
md: fix deadlock between mddev_suspend and flush bio (CVE-2024-43855)
In the Linux kernel, the following vulnerability has been resolved:
dma: fix call order in dmam_free_coherent (CVE-2024-43856)
In the Linux kernel, the following vulnerability has been resolved:
perf: Fix event leak upon exec and file release (CVE-2024-43869)
In the Linux kernel, the following vulnerability has been resolved:
perf: Fix event leak upon exit (CVE-2024-43870)
In the Linux kernel, the following vulnerability has been resolved:
devres: Fix memory leakage caused by driver API devm_free_percpu() (CVE-2024-43871)
In the Linux kernel, the following vulnerability has been resolved:
vhost/vsock: always initialize seqpacket_allow (CVE-2024-43873)
In the Linux kernel, the following vulnerability has been resolved:
exec: Fix ToCToU between perm check and set-uid/gid usage (CVE-2024-43882)
In the Linux kernel, the following vulnerability has been resolved:
usb: vhci-hcd: Do not drop references before new references are gained (CVE-2024-43883)
In the Linux kernel, the following vulnerability has been resolved:
padata: Fix possible divide-by-0 panic in padata_mt_helper() (CVE-2024-43889)
In the Linux kernel, the following vulnerability has been resolved:
serial: core: check uartclk for zero to avoid divide by zero (CVE-2024-43893)
In the Linux kernel, the following vulnerability has been resolved:
drm/client: fix null pointer dereference in drm_client_modeset_probe (CVE-2024-43894)
In the Linux kernel, the following vulnerability has been resolved:
md/raid5: avoid BUG_ON() while continue reshape after reassembling (CVE-2024-43914)
In the Linux kernel, the following vulnerability has been resolved:
net: bridge: mcast: wait for previous gc cycles when removing port (CVE-2024-44934)
In the Linux kernel, the following vulnerability has been resolved:
sctp: Fix null-ptr-deref in reuseport_add_sock(). (CVE-2024-44935)
In the Linux kernel, the following vulnerability has been resolved:
netfilter: ctnetlink: use helper function to calculate expect ID (CVE-2024-44944)
In the Linux kernel, the following vulnerability has been resolved:
x86/mtrr: Check if fixed MTRRs exist before saving them (CVE-2024-44948)
In the Linux kernel, the following vulnerability has been resolved:
sched/smt: Fix unbalance sched_smt_present dec/inc (CVE-2024-44958)
In the Linux kernel, the following vulnerability has been resolved:
x86/mm: Fix pti_clone_pgtable() alignment assumption (CVE-2024-44965)
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink (CVE-2024-44970)
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_set_pipapo: fix initial map fill (CVE-2024-57947)
Tenable has extracted the preceding description block directly from the tested product security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com//AL2023/ALAS2023-2025-864.html");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/faqs.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2023-53037.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2023-53320.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-39472.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-41042.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-42159.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-42258.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-42259.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-42268.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-42269.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-42270.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-42276.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-42281.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-42283.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-42285.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-42292.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-42299.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-42302.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-42304.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-42305.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-42306.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-42307.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-42312.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-42316.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-42321.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-43817.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-43823.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-43828.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-43830.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-43834.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-43837.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-43853.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-43854.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-43855.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-43856.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-43869.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-43870.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-43871.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-43873.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-43882.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-43883.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-43889.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-43893.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-43894.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-43914.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-44934.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-44935.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-44944.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-44948.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-44958.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-44965.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-44970.html");
script_set_attribute(attribute:"see_also", value:"https://explore.alas.aws.amazon.com/CVE-2024-57947.html");
script_set_attribute(attribute:"solution", value:
"Run 'dnf update kernel --releasever 2023.6.20250303' or
or 'dnf update --advisory ALAS2023-2025-864 --releasever 2023.6.20250303' to update your system.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-44934");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2024/07/29");
script_set_attribute(attribute:"patch_publication_date", value:"2025/02/26");
script_set_attribute(attribute:"plugin_publication_date", value:"2025/03/14");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:bpftool");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:bpftool-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-headers");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-libbpf");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-libbpf-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-libbpf-static");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-livepatch-6.1.106-116.188");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-modules-extra");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-modules-extra-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-tools");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-tools-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-tools-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perf");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perf-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:python3-perf");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:python3-perf-debuginfo");
script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux:2023");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Amazon Linux Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2025-2026 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl", "kpatch.nasl");
script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");
exit(0);
}
include("rpm2.inc");
include("hotfixes.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var alas_release = get_kb_item("Host/AmazonLinux/release");
if (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, "Amazon Linux");
var os_ver = pregmatch(pattern: "^AL(A|\d+|-\d+)", string:alas_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
os_ver = os_ver[1];
if (os_ver != "-2023")
{
if (os_ver == 'A') os_ver = 'AMI';
audit(AUDIT_OS_NOT, "Amazon Linux 2023", "Amazon Linux " + os_ver);
}
if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
if (get_one_kb_item("Host/kpatch/kernel-cves"))
{
var cve_list = make_list("CVE-2023-53037", "CVE-2023-53320", "CVE-2024-39472", "CVE-2024-41042", "CVE-2024-42159", "CVE-2024-42258", "CVE-2024-42259", "CVE-2024-42268", "CVE-2024-42269", "CVE-2024-42270", "CVE-2024-42276", "CVE-2024-42281", "CVE-2024-42283", "CVE-2024-42285", "CVE-2024-42292", "CVE-2024-42299", "CVE-2024-42302", "CVE-2024-42304", "CVE-2024-42305", "CVE-2024-42306", "CVE-2024-42307", "CVE-2024-42312", "CVE-2024-42316", "CVE-2024-42321", "CVE-2024-43817", "CVE-2024-43823", "CVE-2024-43828", "CVE-2024-43830", "CVE-2024-43834", "CVE-2024-43837", "CVE-2024-43853", "CVE-2024-43854", "CVE-2024-43855", "CVE-2024-43856", "CVE-2024-43869", "CVE-2024-43870", "CVE-2024-43871", "CVE-2024-43873", "CVE-2024-43882", "CVE-2024-43883", "CVE-2024-43889", "CVE-2024-43893", "CVE-2024-43894", "CVE-2024-43914", "CVE-2024-44934", "CVE-2024-44935", "CVE-2024-44944", "CVE-2024-44948", "CVE-2024-44958", "CVE-2024-44965", "CVE-2024-44970", "CVE-2024-57947");
if (hotfix_cves_check(cve_list))
{
audit(AUDIT_PATCH_INSTALLED, "kpatch hotfix for ALAS2023-2025-864");
}
else
{
__rpm_report = hotfix_reporting_text();
}
}
var pkgs = [
{'reference':'bpftool-6.1.106-116.188.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'bpftool-6.1.'},
{'reference':'bpftool-6.1.106-116.188.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'bpftool-6.1.'},
{'reference':'bpftool-debuginfo-6.1.106-116.188.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'bpftool-debuginfo-6.1.'},
{'reference':'bpftool-debuginfo-6.1.106-116.188.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'bpftool-debuginfo-6.1.'},
{'reference':'kernel-6.1.106-116.188.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-6.1.'},
{'reference':'kernel-6.1.106-116.188.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-6.1.'},
{'reference':'kernel-debuginfo-6.1.106-116.188.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debuginfo-6.1.'},
{'reference':'kernel-debuginfo-6.1.106-116.188.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debuginfo-6.1.'},
{'reference':'kernel-debuginfo-common-aarch64-6.1.106-116.188.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debuginfo-common-aarch64-6.1.'},
{'reference':'kernel-debuginfo-common-x86_64-6.1.106-116.188.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debuginfo-common-x86_64-6.1.'},
{'reference':'kernel-devel-6.1.106-116.188.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-devel-6.1.'},
{'reference':'kernel-devel-6.1.106-116.188.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-devel-6.1.'},
{'reference':'kernel-headers-6.1.106-116.188.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-headers-6.1.'},
{'reference':'kernel-headers-6.1.106-116.188.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-headers-6.1.'},
{'reference':'kernel-libbpf-6.1.106-116.188.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-libbpf-6.1.'},
{'reference':'kernel-libbpf-6.1.106-116.188.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-libbpf-6.1.'},
{'reference':'kernel-libbpf-devel-6.1.106-116.188.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-libbpf-devel-6.1.'},
{'reference':'kernel-libbpf-devel-6.1.106-116.188.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-libbpf-devel-6.1.'},
{'reference':'kernel-libbpf-static-6.1.106-116.188.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-libbpf-static-6.1.'},
{'reference':'kernel-libbpf-static-6.1.106-116.188.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-libbpf-static-6.1.'},
{'reference':'kernel-livepatch-6.1.106-116.188-1.0-0.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-livepatch-6.1.106-116.188-1.0-0.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-modules-extra-6.1.106-116.188.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-modules-extra-6.1.'},
{'reference':'kernel-modules-extra-6.1.106-116.188.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-modules-extra-6.1.'},
{'reference':'kernel-modules-extra-common-6.1.106-116.188.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-modules-extra-common-6.1.'},
{'reference':'kernel-modules-extra-common-6.1.106-116.188.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-modules-extra-common-6.1.'},
{'reference':'kernel-tools-6.1.106-116.188.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-tools-6.1.'},
{'reference':'kernel-tools-6.1.106-116.188.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-tools-6.1.'},
{'reference':'kernel-tools-debuginfo-6.1.106-116.188.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-tools-debuginfo-6.1.'},
{'reference':'kernel-tools-debuginfo-6.1.106-116.188.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-tools-debuginfo-6.1.'},
{'reference':'kernel-tools-devel-6.1.106-116.188.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-tools-devel-6.1.'},
{'reference':'kernel-tools-devel-6.1.106-116.188.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-tools-devel-6.1.'},
{'reference':'perf-6.1.106-116.188.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'perf-6.1.'},
{'reference':'perf-6.1.106-116.188.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'perf-6.1.'},
{'reference':'perf-debuginfo-6.1.106-116.188.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'perf-debuginfo-6.1.'},
{'reference':'perf-debuginfo-6.1.106-116.188.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'perf-debuginfo-6.1.'},
{'reference':'python3-perf-6.1.106-116.188.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'python3-perf-6.1.'},
{'reference':'python3-perf-6.1.106-116.188.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'python3-perf-6.1.'},
{'reference':'python3-perf-debuginfo-6.1.106-116.188.amzn2023', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'python3-perf-debuginfo-6.1.'},
{'reference':'python3-perf-debuginfo-6.1.106-116.188.amzn2023', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'python3-perf-debuginfo-6.1.'}
];
var flag = 0;
foreach var package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
var exists_check = NULL;
var cves = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (!empty_or_null(package_array['cves'])) cves = package_array['cves'];
if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "bpftool / bpftool-debuginfo / kernel / etc");
}
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation