Lucene search
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.CENTOS_RHSA-2024-0753.NASLHistoryFeb 09, 2024 - 12:00 a.m.
CentOS 7 : linux-firmware (RHSA-2024:0753)
2024-02-0900:00:00
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
88
centos 7
linux-firmware
rhsa-2024:0753
vulnerability
amd cpus
hypervisor
cache
memory integrity
nessus
scanner
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
7.1 High
AI Score
Confidence
Low
0.0005 Low
EPSS
Percentile
16.1%
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0753 advisory.
- Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine (VM) memory integrity. (CVE-2023-20592)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2024:0753.
##
include('compat.inc');
if (description)
{
script_id(190366);
script_version("1.0");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/02/09");
script_cve_id("CVE-2023-20592");
script_xref(name:"RHSA", value:"2024:0753");
script_name(english:"CentOS 7 : linux-firmware (RHSA-2024:0753)");
script_set_attribute(attribute:"synopsis", value:
"The remote CentOS Linux host is missing a security update.");
script_set_attribute(attribute:"description", value:
"The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the
RHSA-2024:0753 advisory.
- Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a
malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of
guest virtual machine (VM) memory integrity. (CVE-2023-20592)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2024:0753");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:C/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-20592");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vendor_severity", value:"Moderate");
script_set_attribute(attribute:"vuln_publication_date", value:"2023/11/14");
script_set_attribute(attribute:"patch_publication_date", value:"2024/02/09");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/02/09");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:iwl100-firmware");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:iwl1000-firmware");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:iwl105-firmware");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:iwl135-firmware");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:iwl2000-firmware");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:iwl2030-firmware");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:iwl3160-firmware");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:iwl3945-firmware");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:iwl4965-firmware");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:iwl5000-firmware");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:iwl5150-firmware");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:iwl6000-firmware");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:iwl6000g2a-firmware");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:iwl6000g2b-firmware");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:iwl6050-firmware");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:iwl7260-firmware");
script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:7");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CentOS Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list", "Host/cpu");
exit(0);
}
include('rpm.inc');
include('rhel.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/CentOS/release');
if (isnull(os_release) || 'CentOS' >!< os_release) audit(AUDIT_OS_NOT, 'CentOS');
var os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');
os_ver = os_ver[1];
if (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'CentOS 7.x', 'CentOS ' + os_ver);
if (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);
var pkgs = [
{'reference':'iwl100-firmware-39.31.5.1-82.el7', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'iwl1000-firmware-39.31.5.1-82.el7', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'iwl105-firmware-18.168.6.1-82.el6', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'iwl135-firmware-18.168.6.1-82.el6', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'iwl2000-firmware-18.168.6.1-82.el6', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'iwl2030-firmware-18.168.6.1-82.el6', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'iwl3160-firmware-25.30.13.0-82.el6', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'iwl3945-firmware-15.32.2.9-82.el6', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'iwl4965-firmware-228.61.2.24-82.el6', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'iwl5000-firmware-8.83.5.1_1-82.el7', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'iwl5150-firmware-8.24.2.2-82.el6', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'iwl6000-firmware-9.221.4.1-82.el6', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'iwl6000g2a-firmware-18.168.6.1-82.el6', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'iwl6000g2b-firmware-18.168.6.1-82.el6', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'iwl6050-firmware-41.28.5.1-82.el6', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE},
{'reference':'iwl7260-firmware-25.30.13.0-82.el6', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE}
];
var flag = 0;
foreach var package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
if (reference && _release) {
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'iwl100-firmware / iwl1000-firmware / iwl105-firmware / etc');
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| centos | centos | iwl6050-firmware | p-cpe:/a:centos:centos:iwl6050-firmware |
| centos | centos | 7 | cpe:/o:centos:centos:7 |
| centos | centos | iwl105-firmware | p-cpe:/a:centos:centos:iwl105-firmware |
| centos | centos | iwl3945-firmware | p-cpe:/a:centos:centos:iwl3945-firmware |
| centos | centos | iwl4965-firmware | p-cpe:/a:centos:centos:iwl4965-firmware |
| centos | centos | iwl6000g2a-firmware | p-cpe:/a:centos:centos:iwl6000g2a-firmware |
| centos | centos | iwl2030-firmware | p-cpe:/a:centos:centos:iwl2030-firmware |
| centos | centos | iwl100-firmware | p-cpe:/a:centos:centos:iwl100-firmware |
| centos | centos | iwl3160-firmware | p-cpe:/a:centos:centos:iwl3160-firmware |
| centos | centos | iwl135-firmware | p-cpe:/a:centos:centos:iwl135-firmware |
Related
debiancve
debiancve
CVE-2023-20592
2023-11-14 19:15:16
nessus
nessus
RHEL 7 : linux-firmware (RHSA-2024:0979)
2024-02-27 00:00:00
RHEL 7 : linux-firmware (RHSA-2024:0978)
2024-02-26 00:00:00
RHEL 7 : linux-firmware (RHSA-2024:0753)
2024-04-28 00:00:00
centos
centos
redhat
redhat
(RHSA-2024:0979) Moderate: linux-firmware security update
2024-02-26 09:13:25
(RHSA-2024:0753) Moderate: linux-firmware security update
2024-02-08 17:23:15
(RHSA-2024:0978) Moderate: linux-firmware security update
2024-02-26 09:13:17
amd
amd
AMD INVD Instruction Security Notice
2023-11-14 00:00:00
veracode
veracode
Memory Integrity Loss
2023-11-28 13:21:22
cvelist
cvelist
CVE-2023-20592
2023-11-14 18:54:13
cve
cve
CVE-2023-20592
2023-11-14 19:15:16
prion
prion
Input validation
2023-11-14 19:15:00
redhatcve
redhatcve
CVE-2023-20592
2023-11-15 00:28:23
openvas
openvas
CentOS: Security Advisory for iwl1000-firmware (CESA-2024:0753)
2024-03-05 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:4655-1)
2023-12-07 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:4654-1)
2023-12-07 00:00:00
nvd
nvd
CVE-2023-20592
2023-11-14 19:15:16
thn
thn
Reptar: New Intel CPU Vulnerability Impacts Multi-Tenant Virtualized Environments
2023-11-15 07:52:00
CacheWarp Attack: New Vulnerability in AMD SEV Exposes Encrypted VMs
2023-11-14 18:40:00
ubuntucve
ubuntucve
CVE-2023-20592
2023-11-14 00:00:00
osv
osv
Important: linux-firmware security update
2024-05-22 00:00:00
almalinux
almalinux
Important: linux-firmware security update
2024-05-22 00:00:00
oraclelinux
oraclelinux
linux-firmware security update
2024-05-24 00:00:00
talosblog
talosblog
We all just need to agree that ad blockers are good
2023-11-16 19:00:39
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
7.1 High
AI Score
Confidence
Low
0.0005 Low
EPSS
Percentile
16.1%
Related for CENTOS_RHSA-2024-0753.NASL