Lucene search
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.EULEROS_SA-2023-1486.NASLHistoryMar 08, 2023 - 12:00 a.m.
EulerOS 2.0 SP9 : kernel (EulerOS-SA-2023-1486)
2023-03-0800:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
16
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :
- In verity_target of dm-verity-target.c, there is a possible way to modify read-only files due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-234475629References: Upstream kernel (CVE-2022-20572)
Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(172263);
script_version("1.0");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/03/08");
script_cve_id("CVE-2022-20572");
script_name(english:"EulerOS 2.0 SP9 : kernel (EulerOS-SA-2023-1486)");
script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS host is missing a security update.");
script_set_attribute(attribute:"description", value:
"According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by
the following vulnerabilities :
- In verity_target of dm-verity-target.c, there is a possible way to modify read-only files due to a missing
permission check. This could lead to local escalation of privilege with System execution privileges
needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid
ID: A-234475629References: Upstream kernel (CVE-2022-20572)
Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security
advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional
issues.");
# https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2023-1486
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?0c6c5d67");
script_set_attribute(attribute:"solution", value:
"Update the affected kernel packages.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:M/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-20572");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2022/12/16");
script_set_attribute(attribute:"patch_publication_date", value:"2023/03/08");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/03/08");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-tools");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-tools-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:python3-perf");
script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Huawei Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
script_exclude_keys("Host/EulerOS/uvp_version");
exit(0);
}
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var _release = get_kb_item("Host/EulerOS/release");
if (isnull(_release) || _release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
var uvp = get_kb_item("Host/EulerOS/uvp_version");
if (_release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP9");
var sp = get_kb_item("Host/EulerOS/sp");
if (isnull(sp) || sp !~ "^(9)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP9");
if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP9", "EulerOS UVP " + uvp);
if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu && "x86" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "x86" >!< cpu) audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);
var flag = 0;
var pkgs = [
"kernel-4.18.0-147.5.1.6.h841.eulerosv2r9",
"kernel-tools-4.18.0-147.5.1.6.h841.eulerosv2r9",
"kernel-tools-libs-4.18.0-147.5.1.6.h841.eulerosv2r9",
"python3-perf-4.18.0-147.5.1.6.h841.eulerosv2r9"
];
foreach (var pkg in pkgs)
if (rpm_check(release:"EulerOS-2.0", sp:"9", reference:pkg)) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| huawei | euleros | kernel-tools-libs | p-cpe:/a:huawei:euleros:kernel-tools-libs |
| huawei | euleros | kernel-tools | p-cpe:/a:huawei:euleros:kernel-tools |
| huawei | euleros | python3-perf | p-cpe:/a:huawei:euleros:python3-perf |
| huawei | euleros | kernel | p-cpe:/a:huawei:euleros:kernel |
| huawei | euleros | 2.0 | cpe:/o:huawei:euleros:2.0 |
Related
debiancve
debiancve
CVE-2022-20572
2022-12-16 16:15:00
cve
cve
CVE-2022-20572
2022-12-16 16:15:00
redhatcve
redhatcve
CVE-2022-20572
2023-04-13 17:00:47
nessus
nessus
EulerOS 2.0 SP8 : kernel (EulerOS-SA-2023-1347)
2023-02-08 00:00:00
EulerOS 2.0 SP5 : kernel (EulerOS-SA-2023-2181)
2023-06-09 00:00:00
EulerOS 2.0 SP11 : kernel (EulerOS-SA-2023-1584)
2023-03-23 00:00:00
cnvd
cnvd
Google Android Kernel Elevation of Privilege Vulnerability (CNVD-2023-12019)
2023-02-10 00:00:00
prion
prion
Design/Logic Flaw
2022-12-16 16:15:00
openvas
openvas
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-2181)
2023-06-09 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-1486)
2023-03-09 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-1347)
2023-02-09 00:00:00
ubuntucve
ubuntucve
CVE-2022-20572
2022-12-16 00:00:00
redhat
redhat
(RHSA-2022:7444) Moderate: kernel-rt security and bug fix update
2022-11-08 06:19:55
(RHSA-2022:7683) Moderate: kernel security, bug fix, and enhancement update
2022-11-08 06:26:19
(RHSA-2022:7933) Moderate: kernel-rt security and bug fix update
2022-11-15 06:11:40
osv
osv
linux-aws vulnerabilities
2023-04-06 00:13:53
linux-aws vulnerabilities
2023-04-12 14:41:24
linux, linux-kvm, linux-lts-xenial vulnerabilities
2023-04-12 21:13:23
ubuntu
ubuntu
Linux kernel (AWS) vulnerabilities
2023-04-06 00:00:00
Linux kernel (AWS) vulnerabilities
2023-04-12 00:00:00
Linux kernel vulnerabilities
2023-04-12 00:00:00
ics
ics
Siemens SIMATIC S7-1500 TM MFP Linux Kernel
2023-06-15 12:00:00
Related for EULEROS_SA-2023-1486.NASL