Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.EULEROS_SA-2022-2442.NASL
HistoryOct 08, 2022 - 12:00 a.m.

EulerOS 2.0 SP5 : libjpeg-turbo (EulerOS-SA-2022-2442)

2022-10-0800:00:00
This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
10

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

22.9%

JSON

According to the versions of the libjpeg-turbo packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

  • The PPM reader in libjpeg-turbo through 2.0.90 mishandles use of tjLoadImage for loading a 16-bit binary PPM file into a grayscale buffer and loading a 16-bit binary PGM file into an RGB buffer. This is related to a heap-based buffer overflow in the get_word_rgb_row function in rdppm.c. (CVE-2021-46822)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(165780);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/10/08");

  script_cve_id("CVE-2021-46822");

  script_name(english:"EulerOS 2.0 SP5 : libjpeg-turbo (EulerOS-SA-2022-2442)");

  script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"According to the versions of the libjpeg-turbo packages installed, the EulerOS installation on the remote host is
affected by the following vulnerabilities :

  - The PPM reader in libjpeg-turbo through 2.0.90 mishandles use of tjLoadImage for loading a 16-bit binary
    PPM file into a grayscale buffer and loading a 16-bit binary PGM file into an RGB buffer. This is related
    to a heap-based buffer overflow in the get_word_rgb_row function in rdppm.c. (CVE-2021-46822)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security
advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional
issues.");
  # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2442
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?a6d2f612");
  script_set_attribute(attribute:"solution", value:
"Update the affected libjpeg-turbo packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-46822");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2022/06/18");
  script_set_attribute(attribute:"patch_publication_date", value:"2022/10/08");
  script_set_attribute(attribute:"plugin_publication_date", value:"2022/10/08");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libjpeg-turbo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libjpeg-turbo-devel");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Huawei Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
  script_exclude_keys("Host/EulerOS/uvp_version");

  exit(0);
}

include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

var release = get_kb_item("Host/EulerOS/release");
if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
var uvp = get_kb_item("Host/EulerOS/uvp_version");
if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP5");

var sp = get_kb_item("Host/EulerOS/sp");
if (isnull(sp) || sp !~ "^(5)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP5");

if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP5", "EulerOS UVP " + uvp);

if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);

var flag = 0;

var pkgs = [
  "libjpeg-turbo-1.2.90-6.h11.eulerosv2r7",
  "libjpeg-turbo-devel-1.2.90-6.h11.eulerosv2r7"
];

foreach (var pkg in pkgs)
  if (rpm_check(release:"EulerOS-2.0", sp:"5", reference:pkg)) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libjpeg-turbo");
}
VendorProductVersionCPE
huaweieuleroslibjpeg-turbop-cpe:/a:huawei:euleros:libjpeg-turbo
huaweieuleroslibjpeg-turbo-develp-cpe:/a:huawei:euleros:libjpeg-turbo-devel
huaweieuleros2.0cpe:/o:huawei:euleros:2.0

Related

openvas 15
cbl_mariner 1
nessus 20
rocky 1
nvd 1
cvelist 1
prion 1
debiancve 1
ubuntucve 1
mageia 1
cve 1
osv 4
amazon 1
redhatcve 1
redhat 1
oraclelinux 1
almalinux 1
cloudfoundry 1
ubuntu 1
ibm 1
openvas
openvas
Huawei EulerOS: Security Advisory for libjpeg-turbo (EulerOS-SA-2022-2351)
2022-09-26 00:00:00
Huawei EulerOS: Security Advisory for libjpeg-turbo (EulerOS-SA-2022-2442)
2022-10-10 00:00:00
Huawei EulerOS: Security Advisory for libjpeg-turbo (EulerOS-SA-2023-1733)
2023-05-08 00:00:00
cbl_mariner
cbl_mariner
CVE-2021-46822 affecting package libjpeg-turbo 2.0.0-7
2022-07-14 20:59:55
nessus
nessus
EulerOS 2.0 SP9 : libjpeg-turbo (EulerOS-SA-2022-2325)
2022-09-14 00:00:00
EulerOS Virtualization 3.0.6.0 : libjpeg-turbo (EulerOS-SA-2023-2200)
2023-06-13 00:00:00
EulerOS Virtualization 2.10.1 : libjpeg-turbo (EulerOS-SA-2022-2893)
2022-12-27 00:00:00
rocky
rocky
libjpeg-turbo security update
2023-03-08 16:38:23
nvd
nvd
CVE-2021-46822
2022-06-18 16:15:08
cvelist
cvelist
CVE-2021-46822
2022-06-18 15:27:44
prion
prion
Heap overflow
2022-06-18 16:15:00
debiancve
debiancve
CVE-2021-46822
2022-06-18 16:15:08
ubuntucve
ubuntucve
CVE-2021-46822
2022-06-18 00:00:00
mageia
mageia
Updated libjpeg packages fix security vulnerability
2022-10-01 20:48:24
cve
cve
CVE-2021-46822
2022-06-18 16:15:08
osv
osv
Moderate: libjpeg-turbo security update
2023-03-06 00:00:00
CVE-2021-46822
2022-06-18 16:15:08
Moderate: libjpeg-turbo security update
2023-03-08 16:38:23
amazon
amazon
Medium: libjpeg-turbo
2023-08-17 11:58:00
redhatcve
redhatcve
CVE-2021-46822
2022-06-22 09:36:12
redhat
redhat
(RHSA-2023:1068) Moderate: libjpeg-turbo security update
2023-03-06 10:50:14
oraclelinux
oraclelinux
libjpeg-turbo security update
2023-03-06 00:00:00
almalinux
almalinux
Moderate: libjpeg-turbo security update
2023-03-06 00:00:00
cloudfoundry
cloudfoundry
USN-5631-1: libjpeg-turbo vulnerabilities | Cloud Foundry
2022-09-29 00:00:00
ubuntu
ubuntu
libjpeg-turbo vulnerabilities
2022-09-22 00:00:00
ibm
ibm
Security Bulletin: IBM Transform Services for IBM i is vulnerable to denial of service, buffer overflow, and allowing attacker to obtain sensitive information due to multiple vulnerabilities.
2022-11-17 15:02:38

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

22.9%

JSON
Related for EULEROS_SA-2022-2442.NASL
openvas15cbl_mariner1nessus20rocky1nvd1cvelist1prion1debiancve1ubuntucve1mageia1cve1osv4amazon1redhatcve1redhat1oraclelinux1almalinux1cloudfoundry1ubuntu1ibm1