Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.FREEBSD_PKG_29F050E93EF44C5F8204503B41CAF181.NASL
HistoryAug 31, 2023 - 12:00 a.m.

FreeBSD : electron24 -- multiple vulnerabilities (29f050e9-3ef4-4c5f-8204-503b41caf181)

2023-08-3100:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
12
freebsd
electron24
vulnerabilities
out of bounds memory access
use after free
google chrome
cve-2023-4427
cve-2023-4428
cve-2023-4430
cve-2023-4572
nessus scanner
JSON

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 29f050e9-3ef4-4c5f-8204-503b41caf181 advisory.

  • Out of bounds memory access in V8 in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High) (CVE-2023-4427)

  • Out of bounds memory access in CSS in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High) (CVE-2023-4428)

  • Use after free in Vulkan in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2023-4430)

  • Use after free in MediaStream in Google Chrome prior to 116.0.5845.140 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2023-4572)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
#
# (C) Tenable, Inc.
#
# @NOAGENT@
#
# The descriptive text and package checks in this plugin were
# extracted from the FreeBSD VuXML database :
#
# Copyright 2003-2021 Jacques Vidrine and contributors
#
# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,
# HTML, PDF, PostScript, RTF and so forth) with or without modification,
# are permitted provided that the following conditions are met:
# 1. Redistributions of source code (VuXML) must retain the above
#    copyright notice, this list of conditions and the following
#    disclaimer as the first lines of this file unmodified.
# 2. Redistributions in compiled form (transformed to other DTDs,
#    published online in any format, converted to PDF, PostScript,
#    RTF and other formats) must reproduce the above copyright
#    notice, this list of conditions and the following disclaimer
#    in the documentation and/or other materials provided with the
#    distribution.
#
# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS
# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,
# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#

include('compat.inc');

if (description)
{
  script_id(180363);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/10/06");

  script_cve_id(
    "CVE-2023-4427",
    "CVE-2023-4428",
    "CVE-2023-4430",
    "CVE-2023-4572"
  );

  script_name(english:"FreeBSD : electron24 -- multiple vulnerabilities (29f050e9-3ef4-4c5f-8204-503b41caf181)");

  script_set_attribute(attribute:"synopsis", value:
"The remote FreeBSD host is missing one or more security-related updates.");
  script_set_attribute(attribute:"description", value:
"The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple
vulnerabilities as referenced in the 29f050e9-3ef4-4c5f-8204-503b41caf181 advisory.

  - Out of bounds memory access in V8 in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to
    perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)
    (CVE-2023-4427)

  - Out of bounds memory access in CSS in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to
    perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)
    (CVE-2023-4428)

  - Use after free in Vulkan in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to potentially
    exploit heap corruption via a crafted HTML page. (Chromium security severity: High) (CVE-2023-4430)

  - Use after free in MediaStream in Google Chrome prior to 116.0.5845.140 allowed a remote attacker to
    potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
    (CVE-2023-4572)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://github.com/advisories/GHSA-6994-5wq3-gpjv");
  script_set_attribute(attribute:"see_also", value:"https://github.com/advisories/GHSA-h295-rcc5-87jh");
  script_set_attribute(attribute:"see_also", value:"https://github.com/advisories/GHSA-m56x-9vph-h345");
  script_set_attribute(attribute:"see_also", value:"https://github.com/advisories/GHSA-qqwc-fhxf-4mf3");
  # https://vuxml.freebsd.org/freebsd/29f050e9-3ef4-4c5f-8204-503b41caf181.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?1c9e64a6");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-4572");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2023/08/22");
  script_set_attribute(attribute:"patch_publication_date", value:"2023/08/31");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/08/31");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:electron24");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:freebsd:freebsd");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"FreeBSD Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/FreeBSD/release", "Host/FreeBSD/pkg_info");

  exit(0);
}


include("freebsd_package.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/FreeBSD/release")) audit(AUDIT_OS_NOT, "FreeBSD");
if (!get_kb_item("Host/FreeBSD/pkg_info")) audit(AUDIT_PACKAGE_LIST_MISSING);


var flag = 0;

var packages = [
    'electron24<24.8.2'
];

foreach var package( packages ) {
    if (pkg_test(save_report:TRUE, pkg: package)) flag++;
}

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : pkg_report_get()
  );
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
freebsdfreebsdelectron24p-cpe:/a:freebsd:freebsd:electron24
freebsdfreebsdcpe:/o:freebsd:freebsd

Related

freebsd 6
nessus 16
mageia 1
openvas 15
kaspersky 4
chrome 2
malwarebytes 1
fedora 3
veracode 4
prion 4
cve 4
debiancve 4
mscve 4
ubuntucve 4
cvelist 4
cnvd 1
gentoo 1
freebsd
freebsd
electron24 -- multiple vulnerabilities
2023-08-30 00:00:00
electron25 -- multiple vulnerabilities
2023-08-30 00:00:00
electron22 -- multiple vulnerabilities
2023-08-30 00:00:00
nessus
nessus
FreeBSD : electron25 -- multiple vulnerabilities (970dcbe0-a947-41a4-abe9-7aaba87f41fe)
2023-08-31 00:00:00
FreeBSD : electron22 -- multiple vulnerabilities (579c7489-c23d-454a-b0fc-ed9d80ea46e0)
2023-08-31 00:00:00
FreeBSD : chromium -- multiple vulnerabilities (5fa332b9-4269-11ee-8290-a8a1599412c6)
2023-08-24 00:00:00
mageia
mageia
Updated chromium-browser-stable packages fix security vulnerability
2023-09-11 16:07:54
openvas
openvas
Mageia: Security Advisory (MGASA-2023-0256)
2023-09-11 00:00:00
Google Chrome Security Update (chrome-desktop-stable-update-2023-08) - Mac OS X
2023-08-23 00:00:00
Debian: Security Advisory (DSA-5483-1)
2023-08-28 00:00:00
kaspersky
kaspersky
KLA52396 Multiple vulnerabilities in Google Chrome
2023-08-22 00:00:00
KLA52555 Multiple vulnerabilities in Microsoft Browser
2023-08-25 00:00:00
KLA52702 ACE vulnerability in Microsoft Browser
2023-08-31 00:00:00
chrome
chrome
Stable Channel Update for Desktop
2023-08-22 00:00:00
Stable Channel Update for Desktop
2023-08-29 00:00:00
malwarebytes
malwarebytes
Update now! Google Chrome's first weekly update has arrived
2023-08-25 18:15:00
fedora
fedora
[SECURITY] Fedora 39 Update: chromium-116.0.5845.179-1.fc39
2023-09-15 19:08:58
[SECURITY] Fedora 38 Update: chromium-117.0.5938.62-1.fc38
2023-09-18 01:25:57
[SECURITY] Fedora 37 Update: chromium-117.0.5938.88-1.fc37
2023-09-21 01:22:25
veracode
veracode
Out-Of-Bounds Memory Access
2023-08-30 15:14:31
Out-Of-Bounds Memory Access
2023-08-30 15:14:34
Use After Free
2023-08-30 15:33:24
prion
prion
Design/Logic Flaw
2023-08-23 00:15:00
Out-of-bounds
2023-08-23 00:15:00
Design/Logic Flaw
2023-08-23 00:15:00
cve
cve
CVE-2023-4427
2023-08-23 00:15:09
CVE-2023-4430
2023-08-23 00:15:09
CVE-2023-4428
2023-08-23 00:15:09
debiancve
debiancve
CVE-2023-4427
2023-08-23 00:15:09
CVE-2023-4430
2023-08-23 00:15:09
CVE-2023-4428
2023-08-23 00:15:09
mscve
mscve
Chromium: CVE-2023-4430: Use after free in Vulkan
2023-08-25 07:00:46
Chromium: CVE-2023-4427: Out of bounds memory access in V8
2023-08-25 07:00:34
Chromium: CVE-2023-4428: Out of bounds memory access in CSS
2023-08-25 07:00:40
ubuntucve
ubuntucve
CVE-2023-4430
2023-08-23 00:00:00
CVE-2023-4427
2023-08-23 00:00:00
CVE-2023-4428
2023-08-23 00:00:00
cvelist
cvelist
CVE-2023-4427
2023-08-22 23:56:13
CVE-2023-4428
2023-08-22 23:56:13
CVE-2023-4430
2023-08-22 23:56:14
cnvd
cnvd
Google Chrome MediaStream Memory Misreference Vulnerability (CNVD-2023-69036)
2023-08-31 00:00:00
gentoo
gentoo
Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities
2024-01-31 00:00:00
JSON
Related for FREEBSD_PKG_29F050E93EF44C5F8204503B41CAF181.NASL
freebsd6nessus16mageia1openvas15kaspersky4chrome2malwarebytes1fedora3veracode4prion4cve4debiancve4mscve4ubuntucve4cvelist4cnvd1gentoo1