Lucene search
This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.CENTOS8_RHSA-2019-3705.NASLHistoryJan 29, 2021 - 12:00 a.m.
CentOS 8 : libjpeg-turbo (CESA-2019:3705)
2021-01-2900:00:00
This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
39
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
AI Score
7
Confidence
High
EPSS
0.002
Percentile
62.2%
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2019:3705 advisory.
- libjpeg-turbo: heap-based buffer over-read via crafted 8-bit BMP in get_8bit_row in rdbmp.c leads to denial of service (CVE-2018-14498)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
##
# (C) Tenable Network Security, Inc.
#
# The package checks in this plugin were extracted from
# Red Hat Security Advisory RHSA-2019:3705. The text
# itself is copyright (C) Red Hat, Inc.
##
include('compat.inc');
if (description)
{
script_id(145629);
script_version("1.5");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/01/25");
script_cve_id("CVE-2018-14498");
script_xref(name:"RHSA", value:"2019:3705");
script_name(english:"CentOS 8 : libjpeg-turbo (CESA-2019:3705)");
script_set_attribute(attribute:"synopsis", value:
"The remote CentOS host is missing a security update.");
script_set_attribute(attribute:"description", value:
"The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the
CESA-2019:3705 advisory.
- libjpeg-turbo: heap-based buffer over-read via crafted 8-bit BMP in get_8bit_row in rdbmp.c leads to
denial of service (CVE-2018-14498)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2019:3705");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-14498");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2019/03/07");
script_set_attribute(attribute:"patch_publication_date", value:"2019/11/05");
script_set_attribute(attribute:"plugin_publication_date", value:"2021/01/29");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:8");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libjpeg-turbo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libjpeg-turbo-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libjpeg-turbo-utils");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:turbojpeg");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:turbojpeg-devel");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CentOS Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list", "Host/cpu");
exit(0);
}
include('audit.inc');
include('global_settings.inc');
include('misc_func.inc');
include('rpm.inc');
include('rhel.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item('Host/CentOS/release');
if (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');
os_ver = pregmatch(pattern: "CentOS(?: Stream)?(?: Linux)? release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');
os_ver = os_ver[1];
if ('CentOS Stream' >< release) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS Stream ' + os_ver);
if (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);
if (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);
pkgs = [
{'reference':'libjpeg-turbo-1.5.3-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libjpeg-turbo-1.5.3-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libjpeg-turbo-devel-1.5.3-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libjpeg-turbo-devel-1.5.3-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libjpeg-turbo-utils-1.5.3-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libjpeg-turbo-utils-1.5.3-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'turbojpeg-1.5.3-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'turbojpeg-1.5.3-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'turbojpeg-devel-1.5.3-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'turbojpeg-devel-1.5.3-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}
];
flag = 0;
foreach package_array ( pkgs ) {
reference = NULL;
release = NULL;
sp = NULL;
cpu = NULL;
el_string = NULL;
rpm_spec_vers_cmp = NULL;
epoch = NULL;
allowmaj = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) release = 'CentOS-' + package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];
if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
if (reference && release) {
if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libjpeg-turbo / libjpeg-turbo-devel / libjpeg-turbo-utils / turbojpeg / etc');
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| centos | centos | 8 | cpe:/o:centos:centos:8 |
| centos | centos | libjpeg-turbo | p-cpe:/a:centos:centos:libjpeg-turbo |
| centos | centos | libjpeg-turbo-devel | p-cpe:/a:centos:centos:libjpeg-turbo-devel |
| centos | centos | libjpeg-turbo-utils | p-cpe:/a:centos:centos:libjpeg-turbo-utils |
| centos | centos | turbojpeg | p-cpe:/a:centos:centos:turbojpeg |
| centos | centos | turbojpeg-devel | p-cpe:/a:centos:centos:turbojpeg-devel |
Related
cvelist
cvelist
CVE-2018-14498
2019-03-07 22:00:00
nessus
nessus
Debian DLA-1719-1 : libjpeg-turbo security update
2019-03-19 00:00:00
EulerOS 2.0 SP5 : libjpeg-turbo (EulerOS-SA-2019-1892)
2019-09-16 00:00:00
Oracle Linux 8 : libjpeg-turbo (ELSA-2019-3705)
2023-09-07 00:00:00
ubuntucve
ubuntucve
CVE-2018-14498
2019-03-07 00:00:00
redhat
redhat
(RHSA-2019:3705) Moderate: libjpeg-turbo security update
2019-11-05 20:53:12
(RHSA-2019:2052) Moderate: libjpeg-turbo security update
2019-08-06 07:55:58
rocky
rocky
libjpeg-turbo security update
2019-11-05 20:53:12
cve
cve
CVE-2018-14498
2019-03-07 23:29:00
redhatcve
redhatcve
CVE-2018-14498
2019-03-11 13:20:14
osv
osv
CVE-2018-14498
2019-03-07 23:29:00
libjpeg-turbo - security update
2019-03-18 00:00:00
Moderate: libjpeg-turbo security update
2019-11-05 20:53:12
oraclelinux
oraclelinux
libjpeg-turbo security update
2019-11-14 00:00:00
libjpeg-turbo security update
2019-08-13 00:00:00
prion
prion
Heap overflow
2019-03-07 23:29:00
debiancve
debiancve
CVE-2018-14498
2019-03-07 23:29:00
mageia
mageia
Updated libjpeg packages fix security vulnerability
2019-04-05 21:12:59
debian
debian
[SECURITY] [DLA 1719-1] libjpeg-turbo security update
2019-03-18 19:11:26
[SECURITY] [DLA 2302-1] libjpeg-turbo security update
2020-07-31 18:28:37
openvas
openvas
Huawei EulerOS: Security Advisory for libjpeg-turbo (EulerOS-SA-2019-1955)
2020-01-23 00:00:00
Mageia: Security Advisory (MGASA-2019-0132)
2022-01-28 00:00:00
Huawei EulerOS: Security Advisory for libjpeg-turbo (EulerOS-SA-2019-1892)
2020-01-23 00:00:00
nvd
nvd
CVE-2018-14498
2019-03-07 23:29:00
veracode
veracode
Denial Of Service (Dos)
2019-08-08 00:07:17
almalinux
almalinux
Moderate: libjpeg-turbo security update
2019-11-05 20:53:12
alpinelinux
alpinelinux
CVE-2018-14498
2019-03-07 23:29:00
suse
suse
Security update for libjpeg-turbo (moderate)
2019-04-02 00:00:00
Security update for libjpeg-turbo (moderate)
2019-05-08 00:00:00
fedora
fedora
[SECURITY] Fedora 28 Update: libjpeg-turbo-1.5.3-7.fc28
2019-03-29 02:04:54
ubuntu
ubuntu
libjpeg-turbo vulnerabilities
2022-08-08 00:00:00
libjpeg-turbo vulnerabilities
2019-11-13 00:00:00
cloudfoundry
cloudfoundry
USN-4190-1: libjpeg-turbo vulnerabilities | Cloud Foundry
2019-11-18 00:00:00
f5
f5
centos
centos
libjpeg, turbojpeg security update
2019-08-30 03:16:23
amazon
amazon
Medium: libjpeg-turbo
2019-09-13 22:58:00
Medium: libjpeg-turbo
2019-11-04 22:23:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
AI Score
7
Confidence
High
EPSS
0.002
Percentile
62.2%
Related for CENTOS8_RHSA-2019-3705.NASL