Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.AL2_ALAS-2023-2049.NASL
HistoryMay 17, 2023 - 12:00 a.m.

Amazon Linux 2 : glib2 (ALAS-2023-2049)

2023-05-1700:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
22
JSON

The version of glib2 installed on the remote host is prior to 2.56.1-9. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2049 advisory.

  • In GNOME GLib 2.56.1, g_markup_parse_context_end_parse() in gmarkup.c has a NULL pointer dereference.
    (CVE-2018-16428)

  • GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in g_markup_parse_context_parse() in gmarkup.c, related to utf8_str(). (CVE-2018-16429)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Amazon Linux 2 Security Advisory ALAS-2023-2049.
##

include('compat.inc');

if (description)
{
  script_id(175955);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/05/18");

  script_cve_id("CVE-2018-16428", "CVE-2018-16429");

  script_name(english:"Amazon Linux 2 : glib2 (ALAS-2023-2049)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Amazon Linux 2 host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"The version of glib2 installed on the remote host is prior to 2.56.1-9. It is, therefore, affected by multiple
vulnerabilities as referenced in the ALAS2-2023-2049 advisory.

  - In GNOME GLib 2.56.1, g_markup_parse_context_end_parse() in gmarkup.c has a NULL pointer dereference.
    (CVE-2018-16428)

  - GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in g_markup_parse_context_parse() in gmarkup.c,
    related to utf8_str(). (CVE-2018-16429)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/AL2/ALAS-2023-2049.html");
  script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2018-16428.html");
  script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/cve/html/CVE-2018-16429.html");
  script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/faqs.html");
  script_set_attribute(attribute:"solution", value:
"Run 'yum update glib2' to update your system.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-16428");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2018/09/03");
  script_set_attribute(attribute:"patch_publication_date", value:"2023/05/11");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/05/17");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:glib2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:glib2-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:glib2-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:glib2-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:glib2-fam");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:glib2-static");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:glib2-tests");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux:2");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Amazon Linux Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");

  exit(0);
}

include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

var alas_release = get_kb_item("Host/AmazonLinux/release");
if (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, "Amazon Linux");
var os_ver = pregmatch(pattern: "^AL(A|\d+|-\d+)", string:alas_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
os_ver = os_ver[1];
if (os_ver != "2")
{
  if (os_ver == 'A') os_ver = 'AMI';
  audit(AUDIT_OS_NOT, "Amazon Linux 2", "Amazon Linux " + os_ver);
}

if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

var pkgs = [
    {'reference':'glib2-2.56.1-9.amzn2.0.3', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'glib2-2.56.1-9.amzn2.0.3', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'glib2-2.56.1-9.amzn2.0.3', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'glib2-debuginfo-2.56.1-9.amzn2.0.3', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'glib2-debuginfo-2.56.1-9.amzn2.0.3', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'glib2-debuginfo-2.56.1-9.amzn2.0.3', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'glib2-devel-2.56.1-9.amzn2.0.3', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'glib2-devel-2.56.1-9.amzn2.0.3', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'glib2-devel-2.56.1-9.amzn2.0.3', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'glib2-doc-2.56.1-9.amzn2.0.3', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'glib2-fam-2.56.1-9.amzn2.0.3', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'glib2-fam-2.56.1-9.amzn2.0.3', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'glib2-fam-2.56.1-9.amzn2.0.3', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'glib2-static-2.56.1-9.amzn2.0.3', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'glib2-static-2.56.1-9.amzn2.0.3', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'glib2-static-2.56.1-9.amzn2.0.3', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'glib2-tests-2.56.1-9.amzn2.0.3', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'glib2-tests-2.56.1-9.amzn2.0.3', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'glib2-tests-2.56.1-9.amzn2.0.3', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE}
];

var flag = 0;
foreach var package_array ( pkgs ) {
  var reference = NULL;
  var _release = NULL;
  var sp = NULL;
  var _cpu = NULL;
  var el_string = NULL;
  var rpm_spec_vers_cmp = NULL;
  var epoch = NULL;
  var allowmaj = NULL;
  var exists_check = NULL;
  if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
  if (!empty_or_null(package_array['release'])) _release = package_array['release'];
  if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
  if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
  if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
  if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
  if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
  if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
  if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
  if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {
    if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
  }
}

if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "glib2 / glib2-debuginfo / glib2-devel / etc");
}
VendorProductVersionCPE
amazonlinux2cpe:/o:amazon:linux:2
amazonlinuxglib2p-cpe:/a:amazon:linux:glib2
amazonlinuxglib2-debuginfop-cpe:/a:amazon:linux:glib2-debuginfo
amazonlinuxglib2-develp-cpe:/a:amazon:linux:glib2-devel
amazonlinuxglib2-docp-cpe:/a:amazon:linux:glib2-doc
amazonlinuxglib2-famp-cpe:/a:amazon:linux:glib2-fam
amazonlinuxglib2-staticp-cpe:/a:amazon:linux:glib2-static
amazonlinuxglib2-testsp-cpe:/a:amazon:linux:glib2-tests

Related

nessus 22
suse 1
ubuntu 2
mageia 1
amazon 3
openvas 17
cloudfoundry 1
osv 3
fedora 3
photon 3
debian 1
cve 2
veracode 1
prion 2
cvelist 2
ibm 7
ubuntucve 2
redhatcve 2
debiancve 2
nessus
nessus
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : GLib vulnerabilities (USN-3767-1)
2023-10-20 00:00:00
openSUSE Security Update : glib2 (openSUSE-2018-1485)
2018-12-07 00:00:00
SUSE SLED15 / SLES15 Security Update : glib2 (SUSE-SU-2018:3913-1)
2019-01-02 00:00:00
suse
suse
Security update for glib2 (moderate)
2018-12-07 12:24:54
ubuntu
ubuntu
GLib vulnerabilities
2018-09-19 00:00:00
GLib vulnerabilities
2018-09-19 00:00:00
mageia
mageia
Updated glib2.0 packages fix security vulnerabilities
2018-10-19 21:00:37
amazon
amazon
Important: glib2
2023-05-11 17:49:00
Important: glib2
2023-05-11 18:00:00
Important: glib2
2023-04-27 16:19:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2018:3913-1)
2021-06-09 00:00:00
Mageia: Security Advisory (MGASA-2018-0405)
2022-01-28 00:00:00
openSUSE: Security Advisory for glib2 (openSUSE-SU-2018:4005-1)
2018-12-10 00:00:00
cloudfoundry
cloudfoundry
USN-3767-1: GLib vulnerabilities | Cloud Foundry
2018-09-27 00:00:00
osv
osv
glib2.0 - security update
2019-07-31 00:00:00
CVE-2018-16429
2018-09-04 00:29:01
CVE-2018-16428
2018-09-04 00:29:01
fedora
fedora
[SECURITY] Fedora 28 Update: chromium-69.0.3497.100-1.fc28
2018-10-14 23:43:01
[SECURITY] Fedora 27 Update: chromium-69.0.3497.100-1.fc27
2018-11-11 02:40:37
[SECURITY] Fedora 29 Update: chromium-69.0.3497.100-1.fc29
2018-10-30 17:43:16
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0194
2018-11-07 00:00:00
Critical Photon OS Security Update - PHSA-2018-0194
2018-11-07 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-2.0-0108
2018-11-08 00:00:00
debian
debian
[SECURITY] [DLA 1866-1] glib2.0 security update
2019-07-31 18:52:32
cve
cve
CVE-2018-16429
2018-09-04 00:29:00
CVE-2018-16428
2018-09-04 00:29:00
veracode
veracode
Denial Of Service (DoS)
2021-06-30 08:18:02
prion
prion
Null pointer dereference
2018-09-04 00:29:00
Out-of-bounds
2018-09-04 00:29:00
cvelist
cvelist
CVE-2018-16428
2018-09-04 00:00:00
CVE-2018-16429
2018-09-04 00:00:00
ibm
ibm
Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by vulnerability in glib2 (CVE-2018-16429)
2020-01-09 19:02:54
Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerability GNU C Library (CVE-2018-16429)
2023-12-07 22:45:02
Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in glib2, libxml2 and ntp
2023-12-07 22:45:04
ubuntucve
ubuntucve
CVE-2018-16429
2018-09-03 00:00:00
CVE-2018-16428
2018-09-03 00:00:00
redhatcve
redhatcve
CVE-2018-16428
2020-03-31 08:43:42
CVE-2018-16429
2019-10-24 18:12:42
debiancve
debiancve
CVE-2018-16428
2018-09-04 00:29:00
CVE-2018-16429
2018-09-04 00:29:00
JSON
Related for AL2_ALAS-2023-2049.NASL
nessus22suse1ubuntu2mageia1amazon3openvas17cloudfoundry1osv3fedora3photon3debian1cve2veracode1prion2cvelist2ibm7ubuntucve2redhatcve2debiancve2