| Reporter | Title | Published | Views | Family All 153 |
|---|---|---|---|---|
| Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2025-855) | 26 Feb 202500:00 | – | nessus | |
| Debian dla-4076 : linux-config-6.1 - security update | 1 Mar 202500:00 | – | nessus | |
| Debian dsa-5860 : affs-modules-6.1.0-21-4kc-malta-di - security update | 7 Feb 202500:00 | – | nessus | |
| EulerOS 2.0 SP12 : kernel (EulerOS-SA-2025-1299) | 20 Mar 202500:00 | – | nessus | |
| EulerOS 2.0 SP12 : kernel (EulerOS-SA-2025-1300) | 20 Mar 202500:00 | – | nessus | |
| EulerOS 2.0 SP13 : kernel (EulerOS-SA-2025-1317) | 1 Apr 202500:00 | – | nessus | |
| EulerOS 2.0 SP13 : kernel (EulerOS-SA-2025-1334) | 1 Apr 202500:00 | – | nessus | |
| EulerOS 2.0 SP11 : kernel (EulerOS-SA-2025-1359) | 11 Apr 202500:00 | – | nessus | |
| EulerOS 2.0 SP11 : kernel (EulerOS-SA-2025-1360) | 11 Apr 202500:00 | – | nessus | |
| Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2025-20480) | 18 Jul 202500:00 | – | nessus |
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(295922);
script_version("1.1");
script_set_attribute(attribute:"plugin_modification_date", value:"2026/01/22");
script_cve_id("CVE-2024-56703");
script_name(english:"Azure Linux 3.0 Security Update: kernel (CVE-2024-56703)");
script_set_attribute(attribute:"synopsis", value:
"The remote Azure Linux host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore,
affected by a vulnerability as referenced in the CVE-2024-56703 advisory.
- In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix soft lockups in
fib6_select_path under high next hop churn Soft lockups have been observed on a cluster of Linux-based
edge routers located in a highly dynamic environment. Using the `bird` service, these routers continuously
update BGP-advertised routes due to frequently changing nexthop destinations, while also managing
significant IPv6 traffic. The lockups occur during the traversal of the multipath circular linked-list in
the `fib6_select_path` function, particularly while iterating through the siblings in the list. The issue
typically arises when the nodes of the linked list are unexpectedly deleted concurrently on a different
coreindicated by their 'next' and 'previous' elements pointing back to the node itself and their
reference count dropping to zero. This results in an infinite loop, leading to a soft lockup that triggers
a system panic via the watchdog timer. Apply RCU primitives in the problematic code sections to resolve
the issue. Where necessary, update the references to fib6_siblings to annotate or use the RCU APIs.
Include a test script that reproduces the issue. The script periodically updates the routing table while
generating a heavy load of outgoing IPv6 traffic through multiple iperf3 clients. It consistently induces
infinite soft lockups within a couple of minutes. Kernel log: 0 [ffffbd13003e8d30] machine_kexec at
ffffffff8ceaf3eb 1 [ffffbd13003e8d90] __crash_kexec at ffffffff8d0120e3 2 [ffffbd13003e8e58] panic at
ffffffff8cef65d4 3 [ffffbd13003e8ed8] watchdog_timer_fn at ffffffff8d05cb03 4 [ffffbd13003e8f08]
__hrtimer_run_queues at ffffffff8cfec62f 5 [ffffbd13003e8f70] hrtimer_interrupt at ffffffff8cfed756 6
[ffffbd13003e8fd0] __sysvec_apic_timer_interrupt at ffffffff8cea01af 7 [ffffbd13003e8ff0]
sysvec_apic_timer_interrupt at ffffffff8df1b83d -- <IRQ stack> -- 8 [ffffbd13003d3708]
asm_sysvec_apic_timer_interrupt at ffffffff8e000ecb [exception RIP: fib6_select_path+299] RIP:
ffffffff8ddafe7b RSP: ffffbd13003d37b8 RFLAGS: 00000287 RAX: ffff975850b43600 RBX: ffff975850b40200 RCX:
0000000000000000 RDX: 000000003fffffff RSI: 0000000051d383e4 RDI: ffff975850b43618 RBP: ffffbd13003d3800
R8: 0000000000000000 R9: ffff975850b40200 R10: 0000000000000000 R11: 0000000000000000 R12:
ffffbd13003d3830 R13: ffff975850b436a8 R14: ffff975850b43600 R15: 0000000000000007 ORIG_RAX:
ffffffffffffffff CS: 0010 SS: 0018 9 [ffffbd13003d3808] ip6_pol_route at ffffffff8ddb030c 10
[ffffbd13003d3888] ip6_pol_route_input at ffffffff8ddb068c 11 [ffffbd13003d3898] fib6_rule_lookup at
ffffffff8ddf02b5 12 [ffffbd13003d3928] ip6_route_input at ffffffff8ddb0f47 13 [ffffbd13003d3a18]
ip6_rcv_finish_core.constprop.0 at ffffffff8dd950d0 14 [ffffbd13003d3a30] ip6_list_rcv_finish.constprop.0
at ffffffff8dd96274 15 [ffffbd13003d3a98] ip6_sublist_rcv at ffffffff8dd96474 16 [ffffbd13003d3af8]
ipv6_list_rcv at ffffffff8dd96615 17 [ffffbd13003d3b60] __netif_receive_skb_list_core at ffffffff8dc16fec
18 [ffffbd13003d3be0] netif_receive_skb_list_internal at ffffffff8dc176b3 19 [ffffbd13003d3c50]
napi_gro_receive at ffffffff8dc565b9 20 [ffffbd13003d3c80] ice_receive_skb at ffffffffc087e4f5 [ice] 21
[ffffbd13003d3c90] ice_clean_rx_irq at ffffffffc0881b80 [ice] 22 [ffffbd13003d3d20] ice_napi_poll at
ffffffffc088232f [ice] 23 [ffffbd13003d3d80] __napi_poll at ffffffff8dc18000 24 [ffffbd13003d3db8]
net_rx_action at ffffffff8dc18581 25 [ffffbd13003d3e40] __do_softirq at ffffffff8df352e9 26
[ffffbd13003d3eb0] run_ksoftirqd at ffffffff8ceffe47 27 [ffffbd13003d3ec0] smpboot_thread_fn at
ffffffff8cf36a30 28 [ffffbd13003d3ee8] kthread at ffffffff8cf2b39f 29 [ffffbd13003d3f28] ret_from_fork at
ffffffff8ce5fa64 30 [ffffbd13003d3f50] ret_from_fork_asm at ffffffff8ce03cbb (CVE-2024-56703)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://nvd.nist.gov/vuln/detail/CVE-2024-56703");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-56703");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2024/12/28");
script_set_attribute(attribute:"patch_publication_date", value:"2025/03/11");
script_set_attribute(attribute:"plugin_publication_date", value:"2026/01/22");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:azure_linux:bpftool");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:azure_linux:kernel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:azure_linux:kernel-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:azure_linux:kernel-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:azure_linux:kernel-docs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:azure_linux:kernel-drivers-accessibility");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:azure_linux:kernel-drivers-gpu");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:azure_linux:kernel-drivers-intree-amdgpu");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:azure_linux:kernel-drivers-sound");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:azure_linux:kernel-tools");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:azure_linux:python3-perf");
script_set_attribute(attribute:"cpe", value:"x-cpe:/o:microsoft:azure_linux");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Azure Linux Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info2.nasl");
script_require_keys("Host/local_checks_enabled", "Host/AzureLinux/release", "Host/AzureLinux/rpm-list", "Host/cpu");
exit(0);
}
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var release = get_kb_item('Host/AzureLinux/release');
if (isnull(release) || 'Azure Linux' >!< release) audit(AUDIT_OS_NOT, 'Azure Linux');
var os_ver = pregmatch(pattern: "Azure Linux ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Azure Linux');
os_ver = os_ver[1];
if (! preg(pattern:"^3([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Azure Linux 3.0', 'Azure Linux ' + os_ver);
if (!get_kb_item('Host/AzureLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 'aarch64' >!< cpu)
audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Azure Linux', cpu);
var pkgs = [
{'reference':'bpftool-6.6.78.1-3.azl3', 'cpu':'aarch64', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'bpftool-6.6.78.1-3.azl3', 'cpu':'x86_64', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-6.6.78.1-3.azl3', 'cpu':'aarch64', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-6.6.78.1-3.azl3', 'cpu':'x86_64', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debuginfo-6.6.78.1-3.azl3', 'cpu':'aarch64', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debuginfo-6.6.78.1-3.azl3', 'cpu':'x86_64', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-devel-6.6.78.1-3.azl3', 'cpu':'aarch64', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-devel-6.6.78.1-3.azl3', 'cpu':'x86_64', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-docs-6.6.78.1-3.azl3', 'cpu':'aarch64', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-docs-6.6.78.1-3.azl3', 'cpu':'x86_64', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-drivers-accessibility-6.6.78.1-3.azl3', 'cpu':'aarch64', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-drivers-accessibility-6.6.78.1-3.azl3', 'cpu':'x86_64', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-drivers-gpu-6.6.78.1-3.azl3', 'cpu':'aarch64', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-drivers-gpu-6.6.78.1-3.azl3', 'cpu':'x86_64', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-drivers-intree-amdgpu-6.6.78.1-3.azl3', 'cpu':'aarch64', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-drivers-intree-amdgpu-6.6.78.1-3.azl3', 'cpu':'x86_64', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-drivers-sound-6.6.78.1-3.azl3', 'cpu':'aarch64', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-drivers-sound-6.6.78.1-3.azl3', 'cpu':'x86_64', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-6.6.78.1-3.azl3', 'cpu':'aarch64', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-6.6.78.1-3.azl3', 'cpu':'x86_64', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python3-perf-6.6.78.1-3.azl3', 'cpu':'aarch64', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python3-perf-6.6.78.1-3.azl3', 'cpu':'x86_64', 'release':'3.0', 'rpm_spec_vers_cmp':TRUE}
];
var flag = 0;
foreach var package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
var exists_check = NULL;
var cves = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = 'Azure Linux ' + package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (!empty_or_null(package_array['cves'])) cves = package_array['cves'];
if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bpftool / kernel / kernel-debuginfo / kernel-devel / kernel-docs / etc');
}
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation