Lucene search
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.MARINER_CVE-2024-32607.NASLHistoryJul 03, 2024 - 12:00 a.m.
CBL Mariner 2.0 Security Update: hdf5 (CVE-2024-32607)
2024-07-0300:00:00
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
cbl mariner
security update
hdf5
cve-2024-32607
segv
vulnerability
hdf5 library
AI Score
7.1
Confidence
Low
The version of hdf5 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-32607 advisory.
- HDF5 Library through 1.14.3 has a SEGV in H5A__close in H5Aint.c, resulting in the corruption of the instruction pointer. (CVE-2024-32607)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(201719);
script_version("1.1");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/07/03");
script_cve_id("CVE-2024-32607");
script_name(english:"CBL Mariner 2.0 Security Update: hdf5 (CVE-2024-32607)");
script_set_attribute(attribute:"synopsis", value:
"The remote CBL Mariner host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The version of hdf5 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected
by a vulnerability as referenced in the CVE-2024-32607 advisory.
- HDF5 Library through 1.14.3 has a SEGV in H5A__close in H5Aint.c, resulting in the corruption of the
instruction pointer. (CVE-2024-32607)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://nvd.nist.gov/vuln/detail/CVE-2024-32607");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-32607");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2024/05/14");
script_set_attribute(attribute:"patch_publication_date", value:"2024/07/01");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/07/03");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:cbl-mariner:hdf5");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:cbl-mariner:hdf5-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:cbl-mariner:hdf5-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:cbl-mariner:hdf5-static");
script_set_attribute(attribute:"cpe", value:"x-cpe:/o:microsoft:cbl-mariner");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"MarinerOS Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/CBLMariner/release", "Host/CBLMariner/rpm-list", "Host/cpu");
exit(0);
}
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var release = get_kb_item('Host/CBLMariner/release');
if (isnull(release) || 'CBL-Mariner' >!< release) audit(AUDIT_OS_NOT, 'CBL-Mariner');
var os_ver = pregmatch(pattern: "CBL-Mariner ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CBL-Mariner');
os_ver = os_ver[1];
if (! preg(pattern:"^2([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'CBL-Mariner 2.0', 'CBL-Mariner ' + os_ver);
if (!get_kb_item('Host/CBLMariner/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 'aarch64' >!< cpu)
audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CBL-Mariner', cpu);
var pkgs = [
{'reference':'hdf5-1.14.4-1.cm2', 'cpu':'x86_64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'hdf5-1.14.4-1.cm2', 'cpu':'aarch64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'hdf5-debuginfo-1.14.4-1.cm2', 'cpu':'x86_64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'hdf5-debuginfo-1.14.4-1.cm2', 'cpu':'aarch64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'hdf5-devel-1.14.4-1.cm2', 'cpu':'x86_64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'hdf5-devel-1.14.4-1.cm2', 'cpu':'aarch64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'hdf5-static-1.14.4-1.cm2', 'cpu':'x86_64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'hdf5-static-1.14.4-1.cm2', 'cpu':'aarch64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE}
];
var flag = 0;
foreach var package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
var exists_check = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = 'CBLMariner-' + package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'hdf5 / hdf5-debuginfo / hdf5-devel / hdf5-static');
}
Related
ubuntucve
ubuntucve
CVE-2024-32607
2024-05-14 00:00:00
cve
cve
CVE-2024-32607
2024-05-14 15:36:45
osv
osv
CVE-2024-32607
2024-05-14 15:36:00
cbl_mariner
cbl_mariner
CVE-2024-32607 affecting package hdf5 for versions less than 1.14.4-1
2024-05-23 23:29:42
CVE-2024-32607 affecting package hdf5 for versions less than 1.14.4.3-1
2024-06-21 09:32:44
debiancve
debiancve
CVE-2024-32607
2024-05-14 15:36:45
vulnrichment
vulnrichment
CVE-2024-32607
1976-01-01 00:00:00
redhatcve
redhatcve
CVE-2024-32607
2024-05-10 20:26:52
nvd
nvd
CVE-2024-32607
2024-05-14 15:36:45
cvelist
cvelist
CVE-2024-32607
1976-01-01 00:00:00
redos
redos
ROS-20240912-01
2024-09-12 00:00:00