Lucene search
This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.FEDORA_2022-5D37367673.NASLHistoryDec 03, 2022 - 12:00 a.m.
Fedora 36 : capnproto / fastnetmon / librime / rr / sonic-visualiser (2022-5d37367673)
2022-12-0300:00:00
This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
13
The remote Fedora 36 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2022-5d37367673 advisory.
- Cap’n Proto is a data interchange format and remote procedure call (RPC) system. Cap’n Proro prior to versions 0.7.1, 0.8.1, 0.9.2, and 0.10.3, as well as versions of Cap’n Proto’s Rust implementation prior to 0.13.7, 0.14.11, and 0.15.2 are vulnerable to out-of-bounds read due to logic error handling list-of- list. This issue may lead someone to remotely segfault a peer by sending it a malicious message, if the victim performs certain actions on a list-of-pointer type. Exfiltration of memory is possible if the victim performs additional certain actions on a list-of-pointer type. To be vulnerable, an application must perform a specific sequence of actions, described in the GitHub Security Advisory. The bug is present in inlined code, therefore the fix will require rebuilding dependent applications. Cap’n Proto has C++ fixes available in versions 0.7.1, 0.8.1, 0.9.2, and 0.10.3. The
capnpRust crate has fixes available in versions 0.13.7, 0.14.11, and 0.15.2. (CVE-2022-46149)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory FEDORA-2022-5d37367673
#
include('compat.inc');
if (description)
{
script_id(168382);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/12/07");
script_cve_id("CVE-2022-46149");
script_xref(name:"FEDORA", value:"2022-5d37367673");
script_name(english:"Fedora 36 : capnproto / fastnetmon / librime / rr / sonic-visualiser (2022-5d37367673)");
script_set_attribute(attribute:"synopsis", value:
"The remote Fedora host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote Fedora 36 host has packages installed that are affected by a vulnerability as referenced in the
FEDORA-2022-5d37367673 advisory.
- Cap'n Proto is a data interchange format and remote procedure call (RPC) system. Cap'n Proro prior to
versions 0.7.1, 0.8.1, 0.9.2, and 0.10.3, as well as versions of Cap'n Proto's Rust implementation prior
to 0.13.7, 0.14.11, and 0.15.2 are vulnerable to out-of-bounds read due to logic error handling list-of-
list. This issue may lead someone to remotely segfault a peer by sending it a malicious message, if the
victim performs certain actions on a list-of-pointer type. Exfiltration of memory is possible if the
victim performs additional certain actions on a list-of-pointer type. To be vulnerable, an application
must perform a specific sequence of actions, described in the GitHub Security Advisory. The bug is present
in inlined code, therefore the fix will require rebuilding dependent applications. Cap'n Proto has C++
fixes available in versions 0.7.1, 0.8.1, 0.9.2, and 0.10.3. The `capnp` Rust crate has fixes available in
versions 0.13.7, 0.14.11, and 0.15.2. (CVE-2022-46149)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://bodhi.fedoraproject.org/updates/FEDORA-2022-5d37367673");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-46149");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2022/11/30");
script_set_attribute(attribute:"patch_publication_date", value:"2022/12/02");
script_set_attribute(attribute:"plugin_publication_date", value:"2022/12/03");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:36");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:capnproto");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:fastnetmon");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:librime");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:rr");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:sonic-visualiser");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Fedora Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/RedHat/release');
if (isnull(os_release) || 'Fedora' >!< os_release) audit(AUDIT_OS_NOT, 'Fedora');
var os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Fedora');
os_ver = os_ver[1];
if (! preg(pattern:"^36([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Fedora 36', 'Fedora ' + os_ver);
if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Fedora', cpu);
var pkgs = [
{'reference':'capnproto-0.9.2-1.fc36', 'release':'FC36', 'rpm_spec_vers_cmp':TRUE},
{'reference':'fastnetmon-1.2.1-2.20220528git420e7b8.fc36', 'release':'FC36', 'rpm_spec_vers_cmp':TRUE},
{'reference':'librime-1.7.3-2.fc36', 'release':'FC36', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rr-5.6.0-2.fc36', 'release':'FC36', 'rpm_spec_vers_cmp':TRUE},
{'reference':'sonic-visualiser-4.5-2.fc36', 'release':'FC36', 'rpm_spec_vers_cmp':TRUE}
];
var flag = 0;
foreach package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
if (reference && _release) {
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'capnproto / fastnetmon / librime / etc');
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| fedoraproject | fedora | 36 | cpe:/o:fedoraproject:fedora:36 |
| fedoraproject | fedora | capnproto | p-cpe:/a:fedoraproject:fedora:capnproto |
| fedoraproject | fedora | fastnetmon | p-cpe:/a:fedoraproject:fedora:fastnetmon |
| fedoraproject | fedora | librime | p-cpe:/a:fedoraproject:fedora:librime |
| fedoraproject | fedora | rr | p-cpe:/a:fedoraproject:fedora:rr |
| fedoraproject | fedora | sonic-visualiser | p-cpe:/a:fedoraproject:fedora:sonic-visualiser |
Related
nessus
nessus
Fedora 36 : rust-capnp / rust-sequoia-octopus-librnp (2022-fd7eeedd02)
2022-12-22 00:00:00
SUSE SLED15 / SLES15 Security Update : capnproto (SUSE-SU-2022:4478-1)
2022-12-15 00:00:00
RHCOS 4 : OpenShift Container Platform 4.12.9 (RHSA-2023:1408)
2024-01-24 00:00:00
alpinelinux
alpinelinux
CVE-2022-46149
2022-11-30 17:15:00
debiancve
debiancve
CVE-2022-46149
2022-11-30 17:15:00
fedora
fedora
[SECURITY] Fedora 37 Update: fastnetmon-1.2.1-4.20220528git420e7b8.fc37
2022-12-03 02:03:35
[SECURITY] Fedora 36 Update: rust-sequoia-octopus-librnp-1.4.1-2.fc36
2022-12-10 01:28:55
[SECURITY] Fedora 37 Update: rr-5.6.0-2.fc37
2022-12-03 02:03:35
openvas
openvas
Fedora: Security Advisory for capnproto (FEDORA-2022-18023b665f)
2022-12-04 00:00:00
Fedora: Security Advisory for fastnetmon (FEDORA-2022-18023b665f)
2022-12-04 00:00:00
osv
osv
out-of-bounds read possible when setting list-of-pointers
2022-11-30 12:00:00
CVE-2022-46149
2022-11-30 17:15:10
prion
prion
Out-of-bounds
2022-11-30 17:15:00
cve
cve
CVE-2022-46149
2022-11-30 17:15:00
redhatcve
redhatcve
CVE-2022-46149
2022-12-01 19:26:13
ubuntucve
ubuntucve
CVE-2022-46149
2022-11-30 00:00:00
veracode
veracode
Out-Of-Bounds Read
2022-12-15 01:44:45
rustsec
rustsec
out-of-bounds read possible when setting list-of-pointers
2022-11-30 12:00:00
gitlab
gitlab
Out-of-bounds Read
2022-11-30 00:00:00
redhat
redhat
github
github
Related for FEDORA_2022-5D37367673.NASL