Lucene search
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.MARINER_CVE-2024-26966.NASLHistoryAug 30, 2024 - 12:00 a.m.
CBL Mariner 2.0 Security Update: hyperv-daemons (CVE-2024-26966)
2024-08-3000:00:00
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
2
cbl mariner 2.0
hyperv-daemons
vulnerability
cve-2024-26966
linux kernel
clk
qcom
mmcc-apq8084
fix
AI Score
6.9
Confidence
Low
The version of hyperv-daemons installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-26966 advisory.
- In the Linux kernel, the following vulnerability has been resolved: clk: qcom: mmcc-apq8084: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in order to avoid possible out- of-bound access when the table is traversed by functions like qcom_find_freq() or qcom_find_freq_floor().
Only compile tested. (CVE-2024-26966)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(206384);
script_version("1.1");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/08/30");
script_cve_id("CVE-2024-26966");
script_name(english:"CBL Mariner 2.0 Security Update: hyperv-daemons (CVE-2024-26966)");
script_set_attribute(attribute:"synopsis", value:
"The remote CBL Mariner host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The version of hyperv-daemons installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore,
affected by a vulnerability as referenced in the CVE-2024-26966 advisory.
- In the Linux kernel, the following vulnerability has been resolved: clk: qcom: mmcc-apq8084: fix
terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an
empty element. Add such entry to the end of the arrays where it is missing in order to avoid possible out-
of-bound access when the table is traversed by functions like qcom_find_freq() or qcom_find_freq_floor().
Only compile tested. (CVE-2024-26966)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://nvd.nist.gov/vuln/detail/CVE-2024-26966");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-26966");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2024/05/01");
script_set_attribute(attribute:"patch_publication_date", value:"2024/08/13");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/08/30");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:cbl-mariner:hyperv-daemons");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:cbl-mariner:hyperv-daemons-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:cbl-mariner:hyperv-daemons-license");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:cbl-mariner:hyperv-tools");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:cbl-mariner:hypervfcopyd");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:cbl-mariner:hypervkvpd");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:cbl-mariner:hypervvssd");
script_set_attribute(attribute:"cpe", value:"x-cpe:/o:microsoft:cbl-mariner");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"MarinerOS Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/CBLMariner/release", "Host/CBLMariner/rpm-list", "Host/cpu");
exit(0);
}
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var release = get_kb_item('Host/CBLMariner/release');
if (isnull(release) || 'CBL-Mariner' >!< release) audit(AUDIT_OS_NOT, 'CBL-Mariner');
var os_ver = pregmatch(pattern: "CBL-Mariner ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CBL-Mariner');
os_ver = os_ver[1];
if (! preg(pattern:"^2([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'CBL-Mariner 2.0', 'CBL-Mariner ' + os_ver);
if (!get_kb_item('Host/CBLMariner/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 'aarch64' >!< cpu)
audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CBL-Mariner', cpu);
var pkgs = [
{'reference':'hyperv-daemons-5.15.158.2-1.cm2', 'cpu':'x86_64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'hyperv-daemons-5.15.158.2-1.cm2', 'cpu':'aarch64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'hyperv-daemons-debuginfo-5.15.158.2-1.cm2', 'cpu':'x86_64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'hyperv-daemons-debuginfo-5.15.158.2-1.cm2', 'cpu':'aarch64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'hyperv-daemons-license-5.15.158.2-1.cm2', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'hyperv-daemons-license-5.15.158.2-1.cm2', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'hyperv-tools-5.15.158.2-1.cm2', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'hyperv-tools-5.15.158.2-1.cm2', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'hypervfcopyd-5.15.158.2-1.cm2', 'cpu':'x86_64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'hypervfcopyd-5.15.158.2-1.cm2', 'cpu':'aarch64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'hypervkvpd-5.15.158.2-1.cm2', 'cpu':'x86_64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'hypervkvpd-5.15.158.2-1.cm2', 'cpu':'aarch64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'hypervvssd-5.15.158.2-1.cm2', 'cpu':'x86_64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'hypervvssd-5.15.158.2-1.cm2', 'cpu':'aarch64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE}
];
var flag = 0;
foreach var package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
var exists_check = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = 'CBLMariner-' + package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'hyperv-daemons / hyperv-daemons-debuginfo / hyperv-daemons-license / etc');
}
Related
redhatcve
redhatcve
CVE-2024-26966
2024-05-01 20:23:03
vulnrichment
vulnrichment
cvelist
cvelist
debiancve
debiancve
CVE-2024-26966
2024-05-01 06:15:12
ubuntucve
ubuntucve
CVE-2024-26966
2024-05-01 00:00:00
cbl_mariner
cbl_mariner
nvd
nvd
CVE-2024-26966
2024-05-01 06:15:12
osv
osv
CVE-2024-26966
2024-05-01 06:15:00
linux-raspi, linux-raspi-5.4 vulnerabilities
2024-07-19 10:36:03
linux-aws, linux-aws-5.4, linux-iot vulnerabilities
2024-07-23 07:58:00
cve
cve
CVE-2024-26966
2024-05-01 06:15:12
nessus
nessus
Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-6896-5)
2024-07-23 00:00:00
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6917-1)
2024-07-26 00:00:00
Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-6898-4)
2024-07-23 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-6898-2)
2024-07-18 00:00:00
Ubuntu: Security Advisory (USN-6898-4)
2024-07-24 00:00:00
Ubuntu: Security Advisory (USN-6896-3)
2024-07-18 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2024-07-15 00:00:00
Linux kernel vulnerabilities
2024-07-26 00:00:00
Linux kernel vulnerabilities
2024-07-23 00:00:00
debian
debian
[SECURITY] [DSA 5681-1] linux security update
2024-05-06 18:31:39