EulerOS 2.0 SP8 affected by kernel vulnerabilitie
Reporter | Title | Published | Views | Family All 199 |
---|---|---|---|---|
![]() | Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-1320) | 9 Feb 202300:00 | – | openvas |
![]() | Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-2184) | 9 Jun 202300:00 | – | openvas |
![]() | Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-1488) | 9 Mar 202300:00 | – | openvas |
![]() | Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-1409) | 7 Mar 202300:00 | – | openvas |
![]() | Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-1424) | 7 Mar 202300:00 | – | openvas |
![]() | Fedora: Security Advisory for kernel (FEDORA-2022-b36cd53dca) | 5 Dec 202200:00 | – | openvas |
![]() | Fedora: Security Advisory for kernel (FEDORA-2022-24041b1667) | 6 Dec 202200:00 | – | openvas |
![]() | Fedora: Security Advisory for kernel (FEDORA-2022-e4460c41bc) | 5 Dec 202200:00 | – | openvas |
![]() | Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-1902) | 16 May 202300:00 | – | openvas |
![]() | Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-1637) | 27 Apr 202300:00 | – | openvas |
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(171139);
script_version("1.0");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/02/08");
script_cve_id(
"CVE-2022-1184",
"CVE-2022-3567",
"CVE-2022-4129",
"CVE-2022-20565",
"CVE-2022-41858",
"CVE-2022-43750"
);
script_name(english:"EulerOS 2.0 SP8 : kernel (EulerOS-SA-2023-1320)");
script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS host is missing multiple security updates.");
script_set_attribute(attribute:"description", value:
"According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by
the following vulnerabilities :
- A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel's filesystem sub-
component. This flaw allows a local attacker with a user privilege to cause a denial of service.
(CVE-2022-1184)
- A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects
the function inet6_stream_ops/inet6_dgram_ops of the component IPv6 Handler. The manipulation leads to
race condition. It is recommended to apply a patch to fix this issue. VDB-211090 is the identifier
assigned to this vulnerability. (CVE-2022-3567)
- A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing
sk_user_data can lead to a race condition and NULL pointer dereference. A local user could use this flaw
to potentially crash the system causing a denial of service. (CVE-2022-4129)
- A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in
progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to
crash the system or leak internal kernel information. (CVE-2022-41858)
- drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-
space client to corrupt the monitor's internal memory. (CVE-2022-43750)
- A vulnerability classified as critical was found in Linux Kernel (Operating System) (affected version
unknown). Affected by this vulnerability is some unknown processing of the component Cache Handler. There
is no information about possible countermeasures known. It may be suggested to replace the affected object
with an alternative product. (CVE-2022-20565)
Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security
advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional
issues.");
# https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2023-1320
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?ef171ec5");
script_set_attribute(attribute:"solution", value:
"Update the affected kernel packages.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:M/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-43750");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2022-41858");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2022/06/30");
script_set_attribute(attribute:"patch_publication_date", value:"2023/02/08");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/02/08");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:bpftool");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-headers");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-tools");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-tools-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:perf");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:python-perf");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:python3-perf");
script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Huawei Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
script_exclude_keys("Host/EulerOS/uvp_version");
exit(0);
}
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var _release = get_kb_item("Host/EulerOS/release");
if (isnull(_release) || _release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
var uvp = get_kb_item("Host/EulerOS/uvp_version");
if (_release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP8");
var sp = get_kb_item("Host/EulerOS/sp");
if (isnull(sp) || sp !~ "^(8)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP8");
if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP8", "EulerOS UVP " + uvp);
if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu && "x86" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("aarch64" >!< cpu) audit(AUDIT_ARCH_NOT, "aarch64", cpu);
var flag = 0;
var pkgs = [
"bpftool-4.19.36-vhulk1907.1.0.h1393.eulerosv2r8",
"kernel-4.19.36-vhulk1907.1.0.h1393.eulerosv2r8",
"kernel-devel-4.19.36-vhulk1907.1.0.h1393.eulerosv2r8",
"kernel-headers-4.19.36-vhulk1907.1.0.h1393.eulerosv2r8",
"kernel-tools-4.19.36-vhulk1907.1.0.h1393.eulerosv2r8",
"kernel-tools-libs-4.19.36-vhulk1907.1.0.h1393.eulerosv2r8",
"perf-4.19.36-vhulk1907.1.0.h1393.eulerosv2r8",
"python-perf-4.19.36-vhulk1907.1.0.h1393.eulerosv2r8",
"python3-perf-4.19.36-vhulk1907.1.0.h1393.eulerosv2r8"
];
foreach (var pkg in pkgs)
if (rpm_check(release:"EulerOS-2.0", sp:"8", reference:pkg)) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel");
}
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo